QwikSec

Security Database

CVE

CWE

Training

CVE-2022-0593

Published: Mar 14, 2022

Modified: Aug 2, 2024

PUBLISHED

Description

The Login with phone number WordPress plugin before 1.3.7 includes a file delete.php with no form of authentication or authorization checks placed in the plugin directory, allowing unauthenticated user to remotely delete the plugin files leading to a potential Denial of Service situation.

Vendor	Product	Versions
Unknown	Login with phone number	affected `1.3.7 - < 1.3.7`

Weaknesses (CWE)

References

https://wpscan.com/vulnerability/76a50157-04b5-43e8-afbc-a6ddf6d1cba3

x_refsource_MISC

https://wordpress.org/plugins/login-with-phone-number

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.