CVE-2023-7247

Summary

The Login as User or Customer WordPress plugin through 3.8 does not prevent users to log in as any other user on the site.

Affected Software

VendorProductVersion RangeStatus
UnknownLogin as User or Customer0 <= 3.8affected

Weaknesses

  • CWE-269 Improper Privilege Management

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References