Skip to main content

Webo Facto

1 CVEs product

Monthly

CVE-2024-8853 CRITICAL PATCH Act Now

The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient restriction on the 'doSsoAuthentification' function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation WordPress Webo Facto
NVD
CVSS 3.1
9.8
EPSS
0.6%
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient restriction on the 'doSsoAuthentification' function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation WordPress Webo Facto
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy