CVE-2024-9289 | RedefiningTheWeb WordPress & WooCommerce Affiliate Program Plugin up to 8.4.1 on WordPress rtwwwap_login_request_callback authentication bypass

Posted by Angelo Barbosa | Oct 1, 2024 | CVE

A vulnerability, which was classified as critical, was found in RedefiningTheWeb WordPress & WooCommerce Affiliate Program Plugin up to 8.4.1 on WordPress. This affects the function rtwwwap_login_request_callback. The manipulation leads to authentication bypass using alternate channel.

This vulnerability is uniquely identified as CVE-2024-9289. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-9289 | RedefiningTheWeb WordPress & WooCommerce Affiliate Program Plugin up to 8.4.1 on WordPress rtwwwap_login_request_callback authentication bypass

Related Posts

CVE-2024-31413 | OMRON CX-One Project File buffer overflow (OMSR-2024-002)

CVE-2024-43776 | Huachu Digital Technology Easytest Online Test Platform up to er.24E01 Mock Exam qlevel sql injection

CVE-2024-25714 | Rhonabwy up to 1.1.13 HMAC strcmp signature verification

CVE-2024-31390 | Soflyy Breakdance Plugin up to 1.7.0 on WordPress code injection