Cloudsecure Wp Security
Monthly
Authentication bypass in the CloudSecure WP Security WordPress plugin (versions ≤ 1.4.7) allows remote unauthenticated attackers to subvert the plugin's authentication controls, leading to high impact on confidentiality, integrity, and availability of affected WordPress sites. The flaw is tracked by Patchstack and ENISA EUVD as a broken authentication issue (CWE-288) with a CVSS 3.1 base score of 8.1 (AV:N/AC:H/PR:N/UI:N). No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Authentication bypass in the CloudSecure WP Security WordPress plugin (versions ≤ 1.4.7) allows remote unauthenticated attackers to subvert the plugin's authentication controls, leading to high impact on confidentiality, integrity, and availability of affected WordPress sites. The flaw is tracked by Patchstack and ENISA EUVD as a broken authentication issue (CWE-288) with a CVSS 3.1 base score of 8.1 (AV:N/AC:H/PR:N/UI:N). No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.