CVE-2020-8772
06.02.2020, 17:15
The InfiniteWP Client plugin before 1.9.4.5 for WordPress has a missing authorization check in iwp_mmb_set_request in init.php. Any attacker who knows the username of an administrator can log in.Enginsight
| Vendor | Product | Version |
|---|---|---|
| revmakx | infinitewp_client | 𝑥 < 1.9.4.5 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration