mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-30 04:59:31 +02:00
0xMarcio
890 B
890 B
CVE-2025-1564
Description
The SetSail Membership plugin for WordPress is vulnerable to in all versions up to, and including, 1.0.3. This is due to the plugin not properly verifying a users identity through the social login. This makes it possible for unauthenticated attackers to log in as any user, including administrators and take over access to their account.
POC
Reference
No PoCs from references.