[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$frzO1DcTp-8wzt0wU4-1u9X1kVwvvtlCRrY61iHRV8QU":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":9,"severity":11,"cvss_score":12,"cvss_vector":13,"vuln_type":14,"published_date":15,"updated_date":16,"references":17,"days_to_patch":9},"CVE-2022-2350","disable-user-login-missing-authorization-to-unauthenticated-settings-update","Disable User Login \u003C= 1.0.1 - Missing Authorization to Unauthenticated Settings Update","The Disable User Login plugin for WordPress is vulnerable to unauthenticated settings update due to missing authentication when updating its settings in versions up to, and including, 9.8. This makes it possible for unauthenticated attackers to update the plugin's settings. Cross-Site Request Forgery protection is also not present.","wp-users-disable",null,"\u003C=1.0.1","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2022-09-14 00:00:00","2024-01-22 19:56:02",[18],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fcaa2bbdf-353e-49a2-b0e5-d9236848a211?source=api-prod"]