Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
WordPress Plugin InfiniteWP Client Security Bypass - CVE-2020-8772 - Vulnerability Database
WP Plugin Iwp Client

WordPress Plugin InfiniteWP Client Security Bypass - CVE-2020-8772

Critical
Reference: CVE-2020-8772
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-8772
Title: WordPress Plugin InfiniteWP Client Security Bypass
Overview:

WordPress Plugin InfiniteWP Client is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently login into an administrator account without a password. WordPress Plugin InfiniteWP Client version 1.9.4.4 is vulnerable prior versions may also be affected.