What the vulnerability does
01Description
Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js allows Password Recovery Exploitation. This issue affects Faust.Js: from n/a through 1.8.7.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js allows Password Recovery Exploitation. This issue affects Faust.Js: from n/a through 1.8.7.
Explanation of Vulnerability in Simple Terms
Faust.js versions up to 1.8.7 contain an authentication bypass vulnerability. An attacker with low-level privileges can read sensitive data, modify site content, or disrupt service availability. The vulnerability requires network access but no user interaction. Update to a version newer than 1.8.7 to remediate.
What an attacker can do
Read sensitive data, modify content, or disrupt service availability with low-level account access.
Potential impact on your site
Authenticated users with low privileges can access restricted data and modify site content without authorization.
Conditions required to exploit
Attacker needs a low-privilege account; network access only.
Key dates
External resources
Related vulnerabilities