WordPress Plugin Vulnerabilities

Portable phpMyAdmin 1.4.1 - Multiple Script Direct Request Authentication Bypass

Description

The portable-phpmyadmin WordPress plugin was affected by a Multiple Script Direct Request Authentication Bypass security vulnerability.

Affects Plugins

Plugin icon
portable-phpmyadmin
No known fix

References

CVE
CVE-2013-4462
URL
https://seclists.org/oss-sec/2013/q4/138

Classification

Type
AUTHBYPASS
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-287
CVSS
9.1 (critical)

Miscellaneous

Verified
No
WPVDB ID
d9785e3b-25e1-41f7-91b2-8e4341b94b36

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2025-12-12
Title
Ninja Forms < 3.13.3 - Unauthenticated Token Generation and Submission Disclosure
Published
2026-02-23
Title
WeDesignTech Ultimate Booking Addon <= 1.0.1 - Authentication Bypass
Published
2024-07-24
Title
PowerPack for Beaver Builder < 2.33.1 - Contributor+ Privilege Escalation
Published
2025-03-04
Title
WP Real Estate Manager <= 2.8 - Authentication Bypass
Published
2014-08-01
Title
Editorial Calendar 2.6 - Permission Verification Arbitrary Calendar Post Deletion