Wpcerber Wp Cerber vulnerabilities
2 known vulnerabilities affecting wpcerber/wp_cerber.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2021-37598P3MEDIUMCVSS 5.3PoCfixed in 8.9.32021-08-19
CVE-2021-37598 [MEDIUM] CWE-863 CVE-2021-37598: WP Cerber before 8.9.3 allows bypass of /wp-json access control via a trailing ? character.
WP Cerber before 8.9.3 allows bypass of /wp-json access control via a trailing ? character.
nvd
CVE-2021-37597P3CRITICALCVSS 9.8fixed in 8.9.32021-08-19
CVE-2021-37597 [CRITICAL] CWE-287 CVE-2021-37597: WP Cerber before 8.9.3 allows MFA bypass via wordpress_logged_in_[hash] manipulation.
WP Cerber before 8.9.3 allows MFA bypass via wordpress_logged_in_[hash] manipulation.
nvd