Authentication Bypass Vulnerability in InfiniteWP Client

Authentication Bypass Vulnerability in InfiniteWP Client

An authentication bypass vulnerability affecting more than 300,000 InfiniteWP Client plugin users has recently been disclosed to the public. This plugin allows site owners to manage multiple websites from one central server using the InfiniteWP Server.

Due to the nature of this plugin, this is a serious vulnerability that should be patched as soon as possible to mitigate risk. InfiniteWP users can update their plugin with the latest version 1.9.4.5.

Continue reading Authentication Bypass Vulnerability in InfiniteWP Client <= 1.9.4.4  at Sucuri Blog.

Read more: Authentication Bypass Vulnerability in InfiniteWP Client

Story added 16. January 2020, content source with full text you can find at link above.