The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session.

The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session.

Уязвимость плагина Login as User or Customer системы управления содержимым сайта WordPress, связанная с недостатками разграничения доступа, позволяющая нарушителю оказать влияние на целостность, доступность и конфиденциальность защищаемой информации