Cyber Resilience

CVE-2022-4305

Severity: Critical · Public PoC referenced

Published: 23 January 2023
Modified: 03 April 2025
KEV Added: not listed
Patch: not recorded
CVSS v3.1 score: 9.8 (Critical), vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS score: 0.8305 (99.3rd percentile)
Risk Priority: 69 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2022-4305 is a critical-severity vulnerability of unspecified weakness type (no CWE listed) in the Wp-Buy Login As User Or Customer (User Switching) WordPress plugin. Its CVSS base score is 9.8 (Critical).

Operationally, it ranks in the top 0.7% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog; and a public proof-of-concept is referenced.

Deeper analysis

The vulnerability is an authorization bypass in the Login as User or Customer WordPress plugin prior to version 3.3. The plugin does not verify that the requesting party is permitted to assume another identity, so the user-switching function can be used to obtain a valid session for an arbitrary account, including administrator accounts.

Unauthenticated remote attackers can exploit the flaw over the network to obtain a valid admin session without any user interaction or credentials. Successful exploitation grants full administrative control over the affected WordPress site, allowing arbitrary content changes, plugin installation, or further lateral movement within the hosting environment.

The referenced WPScan advisory identifies the issue in versions before 3.3 and indicates that updating to the fixed release restores the missing authorization checks. The EPSS score has reached a peak of 0.8887 with a current value of 0.8305, reflecting sustained exploitation interest after public disclosure.

Vulnerability details

The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session.

CWE(s)
None listed

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: wp-buy
Product: login as user or customer (user switching)
Versions: ≤ 3.3

Note that the vulnerability details above describe the affected range as "before 3.3", with 3.3 being the fixed release, whereas this asset entry lists "≤ 3.3"; verify the installed plugin version against the WPScan advisory rather than relying on the asset row alone.

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
