Vulnerabilities > CVE-2019-15871 - Missing Authorization vulnerability in Wpbrigade Loginpress

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
wpbrigade
CWE-862

Summary

The LoginPress plugin before 1.1.4 for WordPress has no capability check for updates to settings.

Common Weakness Enumeration (CWE)