cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-9947,https://securityvulnerability.io/vulnerability/CVE-2024-9947,Authenticatiom Bypass Vulnerability in ProfilePress Pro Plugin for WordPress,"The ProfilePress Pro plugin for WordPress exhibits a vulnerability that allows for authentication bypass, enabling unauthenticated attackers to gain access to any existing user account, including those with administrative privileges. This security issue arises from inadequate verification processes associated with the social login tokens used within the plugin. If an attacker possesses the email of a user who has not previously created an account for the social login service that issues the token, they can exploit this flaw to log in as that user. This presents a significant risk to websites utilizing the affected plugin versions, as it compromises account security and potentially exposes sensitive site operations.",Wordpress,Profilepress Pro,9.8,CRITICAL,0.000910000002477318,false,,false,false,false,,false,false,2024-10-23T06:45:06.442Z,0