WordPress Plugin Vulnerabilities

Backup and Staging by WP Time Capsule < 1.22.21 - Authentication Bypass to Account Takeover

Description

The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.22.20. This is due to wptc_decode_auth_token() function using a loose comparison. This makes it possible for unauthenticated attackers to bypass authentication and access user accounts, including those that may have administrative access. This vulnerability does require a site to have a connection to wptimecapsule.com in order to be exploited.

Affects Plugins

Fixed in 1.22.21

References

Classification

Miscellaneous

Original Researcher
Dave Jong
Verified
No

Timeline

Publicly Published
2024-07-13 (about 1 year ago)
Added
2024-08-10 (about 1 year ago)
Last Updated
2024-08-10 (about 1 year ago)

Other