Vulnerabilities (CVE)

Filtered by vendor Wptimecapsule Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-8771 1 Wptimecapsule 1 Wp Time Capsule 2024-11-21 7.5 HIGH 9.8 CRITICAL
The Time Capsule plugin before 1.21.16 for WordPress has an authentication bypass. Any request containing IWP_JSON_PREFIX causes the client to be logged in as the first account on the list of administrator accounts.