1 results (0.001 seconds)
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 1
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 1CVE-2020-8771 – Backup and Staging by WP Time Capsule <= 1.21.15 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2020-8771
The Time Capsule plugin before 1.21.16 for WordPress has an authentication bypass. Any request containing IWP_JSON_PREFIX causes the client to be logged in as the first account on the list of administrator accounts. El plugin Time Capsule versiones anteriores a 1.21.16 para WordPress, presenta una omisión de autenticación. Cualquier petición que contenga IWP_JSON_PREFIX causa que el cliente inicie sesión como la primera cuenta en la lista de cuentas de administrador. • https://wpvulndb.com/vulnerabilities/10010 https://www.webarxsecurity.com/vulnerability-infinitewp-client-wp-time-capsule • CWE-287: Improper Authentication CWE-288: Authentication Bypass Using an Alternate Path or Channel •