SSD Advisory – Auth Bypass and RCE in Infinite WP Admin Panel

1 Comment / Vulnerability publication / By

TL;DR Find out how a vulnerability in Infinite WP’s password reset mechanism allows an unauthenticated user to become authenticated and then carry out a Remote Code Execution. Vulnerability Summary InfiniteWP is “free self hosted, multiple WordPress site management solution. It simplifies your WordPress tasks with a click of a button”. A vulnerability in InfiniteWP allows …

SSD Advisory – Auth Bypass and RCE in Infinite WP Admin Panel Read More »