Wp Cerber
Monthly
WP Cerber before 8.9.3 allows bypass of /wp-json access control via a trailing ? character. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
WP Cerber before 8.9.3 allows MFA bypass via wordpress_logged_in_[hash] manipulation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
WP Cerber before 8.9.3 allows bypass of /wp-json access control via a trailing ? character. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
WP Cerber before 8.9.3 allows MFA bypass via wordpress_logged_in_[hash] manipulation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.