CVE-2021-24836

The Temporary Login Without Password WordPress plugin before 1.7.1 does not have authorisation and CSRF checks when updating its settings, which could allows any logged-in users, such as subscribers to update them
References
Configurations

Configuration 1

cpe:2.3:a:storeapps:temporary_login_without_password:*:*:*:*:*:wordpress:*:*

Information

Published : 2021-12-13 11:15

Updated : 2022-08-04 06:53


NVD link : CVE-2021-24836

Mitre link : CVE-2021-24836

Products Affected
No products.