Wowonder - Wowonder CVE

Filtered by vendor Wowonder Subscribe

Filtered by product Wowonder

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-27200	1 Wowonder	1 Wowonder	2022-07-12	7.5 HIGH	9.8 CRITICAL
In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. The code parameter is easily predicted from the time of day.

Vulnerabilities (CVE)