Wp-buy Login_as_user_or_customer_\(user_switching\)
3 CVEs affecting Wp-buy Login_as_user_or_customer_\(user_switching\). Latest disclosed: 2024-03-11. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-4305 | Critical | 9.8 | 2023-01-23 | The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could all… |
CVE-2021-24195 | High | 8.8 | 2021-05-14 | Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login as User or Customer (User Switching) WordPress plugin befor… |
CVE-2023-7247 | Medium | 4.9 | 2024-03-11 | The Login as User or Customer WordPress plugin through 3.8 does not prevent users to log in as any other user on the site. |