Vulnerability Bulletins

Critical Authentication Bypass Vulnerability in InfiniteWP Client Plugin

System information
   
Affected software Wordpress

Description
https://www.wordfence.com/blog/2020/01/critical-authentication-bypass-vulnerability-in-infinitewp-client-plugin/ Description: Authentication BypassAffected Plugin: InfiniteWP ClientAffected Versions: < 1.9.4.5CVSS Score: 9.8 (Critical)CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HPatched Version: 1.9.4.5 A vulnerability has been discovered in the InfiniteWP Client plugin versions 1.9.4.4 or earlier. InfiniteWP Client is a plugin that, when installed on a WordPress site, allows a

More info:

https://www.wordfence.com/blog/2020/01/critical-authentication-bypass-vulnerability-in-infinitewp-client-plugin/

Standar resources
Property Value
CVE

Version history
Version Comments Date
1.0 Advisory issued 2020-01-17
Ministerio de Defensa
CNI
CCN
CCN-CERT