WordPress Plugin Vulnerabilities

Wechat Social login <= 1.3.0 - Authentication Bypass

Description

The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.3.0. This is due to insufficient verification on the user being supplied during the social login. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id. This is only exploitable if the app secret is not set, so it has a default empty value.

Affects Plugins

Plugin icon
wechat-social-login
No known fix

References

CVE
CVE-2024-9106
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/1bd44471-1a9c-4465-a52a-be64d51e7ea1

Classification

Type
AUTHBYPASS
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-287
CVSS
9.8 (critical)

Miscellaneous

Original Researcher
István Márton
Verified
No
WPVDB ID
5f05238d-897c-4fd9-af55-6fcc5111ca4a

Timeline

Publicly Published
2024-09-30 (about 1 year ago)
Added
2024-09-30 (about 1 year ago)
Last Updated
2024-09-30 (about 1 year ago)

Other

Published
Title
Published
2022-06-27
Title
OAuth Single Sign On < 6.22.6 - Authentication Bypass
Published
2015-01-17
Title
Pie Register <= 2.0.13 - Privilege escalation
Published
2014-08-01
Title
Portable phpMyAdmin 1.4.1 - Multiple Script Direct Request Authentication Bypass
Published
2025-03-13
Title
Civi <= 2.1.4 - Authentication Bypass via Non-Randomized Password for SSO Accounts
Published
2020-02-06
Title
Ultimate Membership Pro < 8.6.1 - Multiple Critical Vulnerabilities