Vulnerability Details CVE-2024-9946
The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.13.68. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log in as any existing user on the site, if they have access to the email and the user does not have an already-existing account for the service returning the token. An attacker cannot authenticate as an administrator by default, but these accounts are also at risk if authentication for administrators has explicitly been allowed via the social login. The vulnerability was partially patched in version 7.13.68.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.1%
CVSS Severity
CVSS v3 Score 8.1
References
Products affected by CVE-2024-9946
-
cpe:2.3:a:heateor:super_socializer:-
-
cpe:2.3:a:heateor:super_socializer:1.0.0
-
cpe:2.3:a:heateor:super_socializer:1.0.1
-
cpe:2.3:a:heateor:super_socializer:1.0.2
-
cpe:2.3:a:heateor:super_socializer:2.0.0
-
cpe:2.3:a:heateor:super_socializer:2.1.0
-
cpe:2.3:a:heateor:super_socializer:2.5.0
-
cpe:2.3:a:heateor:super_socializer:2.5.1
-
cpe:2.3:a:heateor:super_socializer:2.5.2
-
cpe:2.3:a:heateor:super_socializer:2.8.0
-
cpe:2.3:a:heateor:super_socializer:2.8.1
-
cpe:2.3:a:heateor:super_socializer:2.9.0
-
cpe:2.3:a:heateor:super_socializer:3.4.0
-
cpe:2.3:a:heateor:super_socializer:3.4.1
-
cpe:2.3:a:heateor:super_socializer:3.4.2
-
cpe:2.3:a:heateor:super_socializer:4.0.0
-
cpe:2.3:a:heateor:super_socializer:4.0.1
-
cpe:2.3:a:heateor:super_socializer:4.0.2
-
cpe:2.3:a:heateor:super_socializer:4.2.0
-
cpe:2.3:a:heateor:super_socializer:4.3.0
-
cpe:2.3:a:heateor:super_socializer:5.0.0
-
cpe:2.3:a:heateor:super_socializer:5.0.1
-
cpe:2.3:a:heateor:super_socializer:5.0.2
-
cpe:2.3:a:heateor:super_socializer:5.1.2
-
cpe:2.3:a:heateor:super_socializer:5.2.2
-
cpe:2.3:a:heateor:super_socializer:5.3.2
-
cpe:2.3:a:heateor:super_socializer:5.4.2
-
cpe:2.3:a:heateor:super_socializer:5.5.2
-
cpe:2.3:a:heateor:super_socializer:5.8.0
-
cpe:2.3:a:heateor:super_socializer:5.8.1
-
cpe:2.3:a:heateor:super_socializer:6.0
-
cpe:2.3:a:heateor:super_socializer:6.1
-
cpe:2.3:a:heateor:super_socializer:6.2
-
cpe:2.3:a:heateor:super_socializer:6.4
-
cpe:2.3:a:heateor:super_socializer:6.5
-
cpe:2.3:a:heateor:super_socializer:6.6
-
cpe:2.3:a:heateor:super_socializer:6.6.1
-
cpe:2.3:a:heateor:super_socializer:6.6.2
-
cpe:2.3:a:heateor:super_socializer:6.6.3
-
cpe:2.3:a:heateor:super_socializer:6.6.4
-
cpe:2.3:a:heateor:super_socializer:7.0
-
cpe:2.3:a:heateor:super_socializer:7.0.1
-
cpe:2.3:a:heateor:super_socializer:7.1
-
cpe:2.3:a:heateor:super_socializer:7.10
-
cpe:2.3:a:heateor:super_socializer:7.10.1
-
cpe:2.3:a:heateor:super_socializer:7.10.2
-
cpe:2.3:a:heateor:super_socializer:7.10.3
-
cpe:2.3:a:heateor:super_socializer:7.10.4
-
cpe:2.3:a:heateor:super_socializer:7.10.5
-
cpe:2.3:a:heateor:super_socializer:7.10.6
-
cpe:2.3:a:heateor:super_socializer:7.11
-
cpe:2.3:a:heateor:super_socializer:7.11.1
-
cpe:2.3:a:heateor:super_socializer:7.11.10
-
cpe:2.3:a:heateor:super_socializer:7.11.11
-
cpe:2.3:a:heateor:super_socializer:7.11.12
-
cpe:2.3:a:heateor:super_socializer:7.11.13
-
cpe:2.3:a:heateor:super_socializer:7.11.14
-
cpe:2.3:a:heateor:super_socializer:7.11.15
-
cpe:2.3:a:heateor:super_socializer:7.11.16
-
cpe:2.3:a:heateor:super_socializer:7.11.2
-
cpe:2.3:a:heateor:super_socializer:7.11.3
-
cpe:2.3:a:heateor:super_socializer:7.11.4
-
cpe:2.3:a:heateor:super_socializer:7.11.5
-
cpe:2.3:a:heateor:super_socializer:7.11.6
-
cpe:2.3:a:heateor:super_socializer:7.11.7
-
cpe:2.3:a:heateor:super_socializer:7.11.8
-
cpe:2.3:a:heateor:super_socializer:7.11.9
-
cpe:2.3:a:heateor:super_socializer:7.12
-
cpe:2.3:a:heateor:super_socializer:7.12.1
-
cpe:2.3:a:heateor:super_socializer:7.12.10
-
cpe:2.3:a:heateor:super_socializer:7.12.11
-
cpe:2.3:a:heateor:super_socializer:7.12.12
-
cpe:2.3:a:heateor:super_socializer:7.12.13
-
cpe:2.3:a:heateor:super_socializer:7.12.15
-
cpe:2.3:a:heateor:super_socializer:7.12.16
-
cpe:2.3:a:heateor:super_socializer:7.12.17
-
cpe:2.3:a:heateor:super_socializer:7.12.18
-
cpe:2.3:a:heateor:super_socializer:7.12.19
-
cpe:2.3:a:heateor:super_socializer:7.12.2
-
cpe:2.3:a:heateor:super_socializer:7.12.20
-
cpe:2.3:a:heateor:super_socializer:7.12.21
-
cpe:2.3:a:heateor:super_socializer:7.12.22
-
cpe:2.3:a:heateor:super_socializer:7.12.23
-
cpe:2.3:a:heateor:super_socializer:7.12.24
-
cpe:2.3:a:heateor:super_socializer:7.12.25
-
cpe:2.3:a:heateor:super_socializer:7.12.26
-
cpe:2.3:a:heateor:super_socializer:7.12.27
-
cpe:2.3:a:heateor:super_socializer:7.12.28
-
cpe:2.3:a:heateor:super_socializer:7.12.29
-
cpe:2.3:a:heateor:super_socializer:7.12.3
-
cpe:2.3:a:heateor:super_socializer:7.12.30
-
cpe:2.3:a:heateor:super_socializer:7.12.31
-
cpe:2.3:a:heateor:super_socializer:7.12.32
-
cpe:2.3:a:heateor:super_socializer:7.12.33
-
cpe:2.3:a:heateor:super_socializer:7.12.34
-
cpe:2.3:a:heateor:super_socializer:7.12.35
-
cpe:2.3:a:heateor:super_socializer:7.12.36
-
cpe:2.3:a:heateor:super_socializer:7.12.37
-
cpe:2.3:a:heateor:super_socializer:7.12.38
-
cpe:2.3:a:heateor:super_socializer:7.12.39
-
cpe:2.3:a:heateor:super_socializer:7.12.4
-
cpe:2.3:a:heateor:super_socializer:7.12.40
-
cpe:2.3:a:heateor:super_socializer:7.12.41
-
cpe:2.3:a:heateor:super_socializer:7.12.42
-
cpe:2.3:a:heateor:super_socializer:7.12.43
-
cpe:2.3:a:heateor:super_socializer:7.12.44
-
cpe:2.3:a:heateor:super_socializer:7.12.45
-
cpe:2.3:a:heateor:super_socializer:7.12.46
-
cpe:2.3:a:heateor:super_socializer:7.12.47
-
cpe:2.3:a:heateor:super_socializer:7.12.49
-
cpe:2.3:a:heateor:super_socializer:7.12.5
-
cpe:2.3:a:heateor:super_socializer:7.12.50
-
cpe:2.3:a:heateor:super_socializer:7.12.6
-
cpe:2.3:a:heateor:super_socializer:7.12.7
-
cpe:2.3:a:heateor:super_socializer:7.12.8
-
cpe:2.3:a:heateor:super_socializer:7.12.9
-
cpe:2.3:a:heateor:super_socializer:7.13
-
cpe:2.3:a:heateor:super_socializer:7.13.1
-
cpe:2.3:a:heateor:super_socializer:7.13.10
-
cpe:2.3:a:heateor:super_socializer:7.13.11
-
cpe:2.3:a:heateor:super_socializer:7.13.12
-
cpe:2.3:a:heateor:super_socializer:7.13.13
-
cpe:2.3:a:heateor:super_socializer:7.13.14
-
cpe:2.3:a:heateor:super_socializer:7.13.15
-
cpe:2.3:a:heateor:super_socializer:7.13.16
-
cpe:2.3:a:heateor:super_socializer:7.13.17
-
cpe:2.3:a:heateor:super_socializer:7.13.18
-
cpe:2.3:a:heateor:super_socializer:7.13.19
-
cpe:2.3:a:heateor:super_socializer:7.13.2
-
cpe:2.3:a:heateor:super_socializer:7.13.20
-
cpe:2.3:a:heateor:super_socializer:7.13.21
-
cpe:2.3:a:heateor:super_socializer:7.13.22
-
cpe:2.3:a:heateor:super_socializer:7.13.23
-
cpe:2.3:a:heateor:super_socializer:7.13.24
-
cpe:2.3:a:heateor:super_socializer:7.13.25
-
cpe:2.3:a:heateor:super_socializer:7.13.26
-
cpe:2.3:a:heateor:super_socializer:7.13.27
-
cpe:2.3:a:heateor:super_socializer:7.13.28
-
cpe:2.3:a:heateor:super_socializer:7.13.29
-
cpe:2.3:a:heateor:super_socializer:7.13.3
-
cpe:2.3:a:heateor:super_socializer:7.13.30
-
cpe:2.3:a:heateor:super_socializer:7.13.31
-
cpe:2.3:a:heateor:super_socializer:7.13.32
-
cpe:2.3:a:heateor:super_socializer:7.13.33
-
cpe:2.3:a:heateor:super_socializer:7.13.34
-
cpe:2.3:a:heateor:super_socializer:7.13.35
-
cpe:2.3:a:heateor:super_socializer:7.13.36
-
cpe:2.3:a:heateor:super_socializer:7.13.37
-
cpe:2.3:a:heateor:super_socializer:7.13.38
-
cpe:2.3:a:heateor:super_socializer:7.13.39
-
cpe:2.3:a:heateor:super_socializer:7.13.4
-
cpe:2.3:a:heateor:super_socializer:7.13.40
-
cpe:2.3:a:heateor:super_socializer:7.13.41
-
cpe:2.3:a:heateor:super_socializer:7.13.43
-
cpe:2.3:a:heateor:super_socializer:7.13.44
-
cpe:2.3:a:heateor:super_socializer:7.13.45
-
cpe:2.3:a:heateor:super_socializer:7.13.46
-
cpe:2.3:a:heateor:super_socializer:7.13.47
-
cpe:2.3:a:heateor:super_socializer:7.13.48
-
cpe:2.3:a:heateor:super_socializer:7.13.49
-
cpe:2.3:a:heateor:super_socializer:7.13.5
-
cpe:2.3:a:heateor:super_socializer:7.13.50
-
cpe:2.3:a:heateor:super_socializer:7.13.51
-
cpe:2.3:a:heateor:super_socializer:7.13.52
-
cpe:2.3:a:heateor:super_socializer:7.13.53
-
cpe:2.3:a:heateor:super_socializer:7.13.54
-
cpe:2.3:a:heateor:super_socializer:7.13.55
-
cpe:2.3:a:heateor:super_socializer:7.13.56
-
cpe:2.3:a:heateor:super_socializer:7.13.57
-
cpe:2.3:a:heateor:super_socializer:7.13.58
-
cpe:2.3:a:heateor:super_socializer:7.13.59
-
cpe:2.3:a:heateor:super_socializer:7.13.6
-
cpe:2.3:a:heateor:super_socializer:7.13.60
-
cpe:2.3:a:heateor:super_socializer:7.13.61
-
cpe:2.3:a:heateor:super_socializer:7.13.62
-
cpe:2.3:a:heateor:super_socializer:7.13.63
-
cpe:2.3:a:heateor:super_socializer:7.13.64
-
cpe:2.3:a:heateor:super_socializer:7.13.65
-
cpe:2.3:a:heateor:super_socializer:7.13.66
-
cpe:2.3:a:heateor:super_socializer:7.13.67
-
cpe:2.3:a:heateor:super_socializer:7.13.68
-
cpe:2.3:a:heateor:super_socializer:7.13.7
-
cpe:2.3:a:heateor:super_socializer:7.13.8
-
cpe:2.3:a:heateor:super_socializer:7.13.9
-
cpe:2.3:a:heateor:super_socializer:7.2
-
cpe:2.3:a:heateor:super_socializer:7.2.1
-
cpe:2.3:a:heateor:super_socializer:7.4.1
-
cpe:2.3:a:heateor:super_socializer:7.4.2
-
cpe:2.3:a:heateor:super_socializer:7.5.2
-
cpe:2.3:a:heateor:super_socializer:7.5.3
-
cpe:2.3:a:heateor:super_socializer:7.5.4
-
cpe:2.3:a:heateor:super_socializer:7.5.5
-
cpe:2.3:a:heateor:super_socializer:7.5.6
-
cpe:2.3:a:heateor:super_socializer:7.6
-
cpe:2.3:a:heateor:super_socializer:7.7
-
cpe:2.3:a:heateor:super_socializer:7.7.1
-
cpe:2.3:a:heateor:super_socializer:7.7.2
-
cpe:2.3:a:heateor:super_socializer:7.7.3
-
cpe:2.3:a:heateor:super_socializer:7.7.4
-
cpe:2.3:a:heateor:super_socializer:7.7.5
-
cpe:2.3:a:heateor:super_socializer:7.7.6
-
cpe:2.3:a:heateor:super_socializer:7.7.7
-
cpe:2.3:a:heateor:super_socializer:7.7.8
-
cpe:2.3:a:heateor:super_socializer:7.8
-
cpe:2.3:a:heateor:super_socializer:7.8.1
-
cpe:2.3:a:heateor:super_socializer:7.8.10
-
cpe:2.3:a:heateor:super_socializer:7.8.11
-
cpe:2.3:a:heateor:super_socializer:7.8.12
-
cpe:2.3:a:heateor:super_socializer:7.8.13
-
cpe:2.3:a:heateor:super_socializer:7.8.14
-
cpe:2.3:a:heateor:super_socializer:7.8.15
-
cpe:2.3:a:heateor:super_socializer:7.8.16
-
cpe:2.3:a:heateor:super_socializer:7.8.17
-
cpe:2.3:a:heateor:super_socializer:7.8.18
-
cpe:2.3:a:heateor:super_socializer:7.8.19
-
cpe:2.3:a:heateor:super_socializer:7.8.2
-
cpe:2.3:a:heateor:super_socializer:7.8.20
-
cpe:2.3:a:heateor:super_socializer:7.8.21
-
cpe:2.3:a:heateor:super_socializer:7.8.22
-
cpe:2.3:a:heateor:super_socializer:7.8.23
-
cpe:2.3:a:heateor:super_socializer:7.8.24
-
cpe:2.3:a:heateor:super_socializer:7.8.3
-
cpe:2.3:a:heateor:super_socializer:7.8.4
-
cpe:2.3:a:heateor:super_socializer:7.8.5
-
cpe:2.3:a:heateor:super_socializer:7.8.6
-
cpe:2.3:a:heateor:super_socializer:7.8.7
-
cpe:2.3:a:heateor:super_socializer:7.8.8
-
cpe:2.3:a:heateor:super_socializer:7.8.9
-
cpe:2.3:a:heateor:super_socializer:7.9
-
cpe:2.3:a:heateor:super_socializer:7.9.1
-
cpe:2.3:a:heateor:super_socializer:7.9.2
-
cpe:2.3:a:heateor:super_socializer:7.9.3
-
cpe:2.3:a:heateor:super_socializer:7.9.4
-
cpe:2.3:a:heateor:super_socializer:7.9.5
-
cpe:2.3:a:heateor:super_socializer:7.9.6
-
cpe:2.3:a:heateor:super_socializer:7.9.7