漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
MStore API < 3.2.0 - Authentication Bypass With Sign In With Apple
Vulnerability Description
A business logic issue in the MStore API WordPress plugin, versions before 3.2.0, had an authentication bypass with Sign In With Apple allowing unauthenticated users to recover an authentication cookie with only an email address.
CVSS Information
N/A
Vulnerability Type
认证机制不恰当
Vulnerability Title
Wordpress MStore API 授权问题漏洞
Vulnerability Description
Wordpress MStore API是 (Wordpress)开源的一个应用插件。提供一个用于配置Mstore,FluxStore移动设备,并支持RestAPI连接到应用程序功能。 WordPress MStore API plugin 3.2.0之前版本存在授权问题漏洞,该漏洞允许未经身份验证的用户只需要一个电子邮件地址就可以恢复身份验证cookie。
CVSS Information
N/A
Vulnerability Type
N/A