WordPress plugin serious error allows administrators to log in without password
A severe authentication bypass vulnerability allowed anyone to log in as an administrator to an affected version of a WordPress website running the InfiniteWP Client due to a logic error in the code. Based on active installations tracked by the WordPress plugin library, the open-source InfiniteWP plugin is currently installed on more than 300,000 [...]