Boletines de Vulnerabilidades

Critical Authentication Bypass Vulnerability in InfiniteWP Client Plugin

Información sobre el sistema
   
Software afectado Wordpress

Descripción
https://www.wordfence.com/blog/2020/01/critical-authentication-bypass-vulnerability-in-infinitewp-client-plugin/ Description: Authentication BypassAffected Plugin: InfiniteWP ClientAffected Versions: < 1.9.4.5CVSS Score: 9.8 (Critical)CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HPatched Version: 1.9.4.5 A vulnerability has been discovered in the InfiniteWP Client plugin versions 1.9.4.4 or earlier. InfiniteWP Client is a plugin that, when installed on a WordPress site, allows a

More info:

https://www.wordfence.com/blog/2020/01/critical-authentication-bypass-vulnerability-in-infinitewp-client-plugin/

Identificadores estándar
Propiedad Valor
CVE

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2020-01-17

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT