CVE-2025-1638 | Edge-Themes Alloggio Membership Plugin up to 1.1 on WordPress authentication bypass

Inserito da Angelo Barbosa | Mar 1, 2025 | CVE

A vulnerability was found in Edge-Themes Alloggio Membership Plugin up to 1.1 on WordPress. It has been rated as critical. This issue affects the function alloggio_membership_init_rest_api_facebook_login/alloggio_membership_init_rest_api_google_login. The manipulation leads to authentication bypass using alternate channel.

The identification of this vulnerability is CVE-2025-1638. The attack may be initiated remotely. There is no exploit available.

CVE-2025-1638 | Edge-Themes Alloggio Membership Plugin up to 1.1 on WordPress authentication bypass

Post correlati

CVE-2024-0987 | Sichuan Yougou Technology KuERP up to 1.0.4 /runtime/log neutralization for logs

CVE-2024-39781 | Wavlink AC3000 M33A8.V5030.210505 adm.cgi sch_reboot restart_hour command injection (TALOS-2024-2033)

CVE-2024-53865 | python-zhmcclient up to 1.18.0 HMC Web Service API cleartext storage (GHSA-p57h-3cmc-xpjq)

CVE-2024-35705 | Ciprian Popescu Block for Font Awesome Plugin up to 1.4.4 on WordPress cross site scripting