Wp-buy Login_as_user_or_customer_\(user_switching\)

3 CVEs affecting Wp-buy Login_as_user_or_customer_\(user_switching\). Latest disclosed: 2024-03-11. Critical: 1, High: 1.

Top CVEs affecting Wp-buy Login_as_user_or_customer_\(user_switching\)
CVESeverityScorePublishedSummary
CVE-2022-4305Critical9.82023-01-23The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could all…
CVE-2021-24195High8.82021-05-14Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login as User or Customer (User Switching) WordPress plugin befor…
CVE-2023-7247Medium4.92024-03-11The Login as User or Customer WordPress plugin through 3.8 does not prevent users to log in as any other user on the site.