Vulnerability Details CVE-2023-7247
The Login as User or Customer WordPress plugin through 3.8 does not prevent users to log in as any other user on the site.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.8%
CVSS Severity
CVSS v3 Score 4.9
References
- https://drive.google.com/file/d/1GCOzJ-ZovYij9GIdmsrZrR9g8mlC22hs/view?usp=sharing
- https://wpscan.com/vulnerability/96b93253-31d0-4184-94b7-f1e18355d841/
- https://drive.google.com/file/d/1GCOzJ-ZovYij9GIdmsrZrR9g8mlC22hs/view?usp=sharing
- https://wpscan.com/vulnerability/96b93253-31d0-4184-94b7-f1e18355d841/
Products affected by CVE-2023-7247
-
cpe:2.3:a:wp-buy:login_as_user_or_customer_(user_switching):1.1
-
cpe:2.3:a:wp-buy:login_as_user_or_customer_(user_switching):1.2
-
cpe:2.3:a:wp-buy:login_as_user_or_customer_(user_switching):1.3
-
cpe:2.3:a:wp-buy:login_as_user_or_customer_(user_switching):1.4
-
cpe:2.3:a:wp-buy:login_as_user_or_customer_(user_switching):1.5
-
cpe:2.3:a:wp-buy:login_as_user_or_customer_(user_switching):1.6
-
cpe:2.3:a:wp-buy:login_as_user_or_customer_(user_switching):1.7
-
cpe:2.3:a:wp-buy:login_as_user_or_customer_(user_switching):1.8
-
cpe:2.3:a:wp-buy:login_as_user_or_customer_(user_switching):1.9
-
cpe:2.3:a:wp-buy:login_as_user_or_customer_(user_switching):2.1