Vulnerabilities > CVE-2021-24906 - Unspecified vulnerability in Wp-Experts Protect WP Admin
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib/pwa-deactivate.php file, which could allow unauthenticated users to disable the plugin (and therefore the protection offered) via a crafted request
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |