Wp-buy Login As User Or Customer (user Switching) — known CVE vulnerabilities
Every CVE whose affected-product data names Wp-buy Login As User Or Customer (user Switching), ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-4305 — CVSS 9.8 (critical): The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another…
CVE-2021-24195 — CVSS 8.8 (high): Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login as User or Customer (User Switching)…
CVE-2023-7247 — CVSS 4.9 (medium): The Login as User or Customer WordPress plugin through 3.8 does not prevent users to log in as any other user on the site.