Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High1

Medium1

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2025-05-01

CVE-2023-7247 - Login As User Or Customer User Switching Plugin

The Login as User or Customer WordPress plugin through 3.8 does not prevent users to log in as any other user on the site.

PLUGIN Login As User Or Customer User Switching

CVE-2023-7247

MEDIUM CVSS 4.9 2024-03-11

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2021-24195 - Login As User Or Customer User Switching Plugin

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login as User or Customer (User Switching) WordPress plugin before 1.8, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.

PLUGIN Login As User Or Customer User Switching

CVE-2021-24195

HIGH CVSS 8.8 2021-05-14