CVE-2024-32832
published 2025-08-31CVE-2024-32832: Missing Authorization vulnerability in Hamid Alinia Login with phone number login-with-phone-number.This issue affects Login with phone number: from n/a…
PriorityP272critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
0.34%
25.7th percentile
Missing Authorization vulnerability in Hamid Alinia Login with phone number login-with-phone-number.This issue affects Login with phone number: from n/a through <= 1.6.93.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hamid_alinia | login_with_phone_number | <= 1.6.93 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-7w37-3fmj-m88q: Missing Authorization vulnerability in Hamid Alinia Login with phone number
ghsa_unreviewed·2025-08-31
CVE-2024-32832 [CRITICAL] CWE-862 GHSA-7w37-3fmj-m88q: Missing Authorization vulnerability in Hamid Alinia Login with phone number
Missing Authorization vulnerability in Hamid Alinia Login with phone number.This issue affects Login with phone number: from n/a through 1.6.93.
VulnCheck
Login with Phone Number Plugin Missing Authorization Vulnerability
vulncheck·2024
CVE-2024-32832 Login with Phone Number Plugin Missing Authorization Vulnerability
Login with Phone Number Plugin Missing Authorization Vulnerability
Login with phone number up to and including 1.6.93 is vulnerable to a security bypass in an unspecified function that could allow unauthenticated adversaries to perform unauthorized actions.
Affected: Hamid Alinia Login with phone number
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://patchstack.com/database/wordpress/plugin/login-with-phone-number/vulnerability/wordpress-login-with-phone-number-plugin-1-6-93-broken-access-control-vulnerability
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-08-31
Published
Exploited in the wild