Description

An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability.

Remediation

References

CVE-2021-40693

Related Vulnerabilities

WordPress Plugin Edwiser Bridge-WordPress Moodle LMS Integration Multiple Cross-Site Request Forgery Vulnerabilities (2.0.6)

WordPress Multiple Cross-Site Scripting Vulnerabilities (4.1 - 4.2.1)

Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-9757)

WordPress Plugin Country State City Dropdown CF7 Security Bypass (2.7.1)

WordPress Plugin YARPP-Yet Another Related Posts Local File Inclusion (5.30.3)

Severity

Medium

Classification

CVE-2021-40693 CWE-287 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities