What the vulnerability does
01Description
Unauthenticated Broken Authentication in CloudSecure WP Security <= 1.4.7 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Unauthenticated Broken Authentication in CloudSecure WP Security <= 1.4.7 versions.
Explanation of Vulnerability in Simple Terms
CloudSecure WP Security versions up to 1.4.7 contain an authentication bypass vulnerability. An attacker on the network can exploit this without credentials or user interaction to gain unauthorized access. The vulnerability allows reading sensitive data, modifying site content, and disrupting service. Update to a version newer than 1.4.7 immediately.
What an attacker can do
Bypass authentication and read sensitive data, modify site content, or disrupt service without credentials.
Potential impact on your site
Attackers can access your site's sensitive data, alter content, or take the site offline without needing a password.
Conditions required to exploit
Network access only; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities