Apocalypse Meow 21.1.3-21.2.7 - BCrypt Authentication Bypass
Description | Requires bcrypt to be enabled. |
Affects Plugin
fixed in version 21.2.8
|
References
URL | https://plugins.trac.wordpress.org/changeset/1780072/apocalypse-meow |
URL | https://twitter.com/Sc00bzT/status/937124418500866048 |
Classification
Type | AUTHBYPASS |
OWASP Top 10 | A2: Broken Authentication and Session Management |
CWE | CWE-287 |
Miscellaneous
Submitter | ethicalhack3r |
Submitter Website | https://dewhurstsecurity.com/ |
Submitter Twitter | ethicalhack3r |
Views | 1849 |
Verified | No |
WPVDB ID | 8972 |
Timeline
Publicly Published | 2017-12-03 (about 1 year ago) |
Added | 2017-12-04 (about 1 year ago) |
Last Updated | 2017-12-04 (about 1 year ago) |
Copyright & License
Copyright | All data and resources contained within this page and this web site is Copyright © The WPScan Team. |
License | Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us. |