| Affected plugin | WordFence Login Security |
| --- | --- |
| Active installs | 50,000+ |
| Vulnerable version | <= 1.0.11 |
| Audited version | 1.0.10 |
| Fully patched version | – |
| Recommended remediation | PENDING |
Description
The plugin stores users’ emergency backup codes and TOTP secrets as plaintext in the database.
An attacker who can exploit one of the seemingly never-ending read-only SQL injection vulnerabilities can read these secrets directly from the database and thereby bypass all 2FA checks for all users indefinitely.
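Plaintext storage is what turns a read-only database leak into a full 2FA bypass: with the TOTP secret an attacker can compute valid codes, and with the backup codes they do not even need that. The PHP below is an added example, not the plugin's code and not the vendor's (still pending) fix. It sketches a storage design in which the database row alone is not enough: the TOTP secret is encrypted under a key that lives outside the database (assumed to be a constant in wp-config.php; here derived from a fixed string so the example runs stand-alone), and backup codes are stored only as bcrypt hashes, the same way passwords are. All function names and the key derivation are illustrative assumptions.

```php
<?php
declare(strict_types=1);

// Added example, not Wordfence code: a storage design in which a read-only
// copy of the database is not enough to pass a 2FA check.

// Assumption: a 32-byte key defined outside the database, e.g. as a constant
// in wp-config.php. For this stand-alone example it is derived from a fixed
// string; a real deployment would read the configured constant instead.
function twofa_key(): string
{
    return hash('sha256', 'CONSTRUCTED-EXAMPLE-KEY-NOT-FOR-PRODUCTION', true);
}

// --- TOTP secret: encrypted at rest (XSalsa20-Poly1305 via libsodium) ---
// The row holds only base64(nonce || ciphertext); decrypting it needs the key.
function encrypt_totp_secret(string $secret): string
{
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $box   = sodium_crypto_secretbox($secret, $nonce, twofa_key());
    return base64_encode($nonce . $box);
}

function decrypt_totp_secret(string $stored): string
{
    $raw = base64_decode($stored, true);
    if ($raw === false || strlen($raw) <= SODIUM_CRYPTO_SECRETBOX_NONCEBYTES) {
        throw new RuntimeException('malformed stored secret');
    }
    $nonce = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $box   = substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain = sodium_crypto_secretbox_open($box, $nonce, twofa_key());
    if ($plain === false) {
        throw new RuntimeException('stored secret was tampered with or the key is wrong');
    }
    return $plain;
}

// --- Backup codes: one-way hashed, like passwords ---
// 8-digit codes carry under 27 bits of entropy, so a slow hash (bcrypt) is
// used; the plaintext is shown to the user once and never persisted.
function generate_backup_codes(int $count = 5): array
{
    $codes = [];
    for ($i = 0; $i < $count; $i++) {
        $codes[] = sprintf('%08d', random_int(0, 99999999));
    }
    return $codes;
}

function hash_backup_codes(array $codes): array
{
    return array_map(
        static fn(string $code): string => password_hash($code, PASSWORD_BCRYPT),
        $codes
    );
}

// Verifies a submitted code and burns it. Returns the remaining hashes,
// or null if the code matched none of them.
function consume_backup_code(string $candidate, array $hashes): ?array
{
    foreach ($hashes as $i => $hash) {
        if (password_verify($candidate, $hash)) {
            unset($hashes[$i]);
            return array_values($hashes);
        }
    }
    return null;
}

// --- Demonstration with constructed data ---
function check(bool $ok, string $what): void
{
    if (!$ok) {
        throw new RuntimeException("check failed: $what");
    }
}

$totpSecret  = random_bytes(20);          // raw RFC 4226 shared secret
$backupCodes = generate_backup_codes();

// What the hardened schema persists: ciphertext and hashes only.
$hardenedRow = [
    'totp_secret'  => encrypt_totp_secret($totpSecret),
    'backup_codes' => hash_backup_codes($backupCodes),
];

// The application can still use the material with the key in hand...
check(decrypt_totp_secret($hardenedRow['totp_secret']) === $totpSecret, 'totp round trip');
$remaining = consume_backup_code($backupCodes[0], $hardenedRow['backup_codes']);
check($remaining !== null && count($remaining) === 4, 'backup code accepted once');
check(consume_backup_code($backupCodes[0], $remaining) === null, 'backup code burned');

// ...while the row itself reveals neither the secret nor any code.
foreach ($hardenedRow['backup_codes'] as $hash) {
    foreach ($backupCodes as $code) {
        check(strpos($hash, $code) === false, 'hash does not embed code');
    }
}
echo json_encode($hardenedRow, JSON_PRETTY_PRINT), PHP_EOL;
```

Run it with `php example.php` on PHP 7.4 or newer (the sodium extension has been bundled since 7.2). The design only narrows the blast radius of database-only access, which is exactly the SQL injection case above: an attacker who can also read wp-config.php gets the key, the same trust boundary WordPress already accepts for its AUTH_KEY salts. Rotating the key means re-encrypting every stored TOTP secret, so the key constant is worth keeping separate from the salts that get rotated to invalidate sessions.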
Proof of concept
Proposed patch
Timeline
| Vendor contacted | September 08, 2022 |
| --- | --- |
| First Response | September 08, 2022 |
| Fully patched at | – |
| Publicly disclosed | April 24, 2023 |