mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-29 20:39:28 +02:00
0xMarcio
953 B
953 B
CVE-2025-7955
Description
The RingCentral Communications plugin for WordPress is vulnerable to Authentication Bypass due to improper validation within the ringcentral_admin_login_2fa_verify() function in versions 1.5 to 1.6.8. This makes it possible for unauthenticated attackers to log in as any user simply by supplying identical bogus codes.
POC
Reference
No PoCs from references.