Addi 8211 Cuotas Que Se Adaptan A Ti
Monthly
A hard-coded credentials vulnerability exists in the Addi buy-now-pay-later WordPress plugin (versions up to 2.0.4) that enables password recovery exploitation and authentication bypass attacks. Attackers can leverage embedded credentials to gain unauthorized access to user accounts and potentially escalate privileges within the plugin's functionality. This vulnerability is classified under CWE-798 (Use of Hard-coded Credentials) and has been reported by Patchstack; no CVSS score, EPSS data, or active KEV status is currently available, though the authentication bypass nature suggests active exploitation risk.
A hard-coded credentials vulnerability exists in the Addi buy-now-pay-later WordPress plugin (versions up to 2.0.4) that enables password recovery exploitation and authentication bypass attacks. Attackers can leverage embedded credentials to gain unauthorized access to user accounts and potentially escalate privileges within the plugin's functionality. This vulnerability is classified under CWE-798 (Use of Hard-coded Credentials) and has been reported by Patchstack; no CVSS score, EPSS data, or active KEV status is currently available, though the authentication bypass nature suggests active exploitation risk.