How severe is CVE-2024-9820?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2024-9820?

This is classified as CWE-784, which is a common weakness in software security.

CVE-2024-9820

HIGH Year: 2024

CVSS v3 Score

7.5

High

Weakness Type

CWE-784

View all →

Vulnerability Description

The WP 2FA with Telegram plugin for WordPress is vulnerable to Two-Factor Authentication Bypass in versions up to, and including, 3.0. This is due to the two-factor code being stored in a cookie, which makes it possible to bypass two-factor authentication.

CVE-2020-8184

HIGH

CVSS:7.5(High)

A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie pre...

CWE-7842020

CVE-2023-3050

CRITICAL

CVSS:9.8(Critical)

Reliance on Cookies without Validation and Integrity Checking in a Security Decision vulnerability in TMT Lockcell allows Privilege Abuse, Authentication Bypass.This issue affects Lockcell: before 15.

CWE-7842023

CVE-2020-8184

HIGH

CVSS:7.5(High)

CWE-7842020

CVE-2022-3083

MEDIUM

CVSS:5.4(Medium)

All versions of Landis+Gyr E850 (ZMQ200) are vulnerable to CWE-784: Reliance on Cookies Without Validation and Integrity. The device's web application navigation depends on the value of the session co...

CWE-7842022

CVE-2024-9820

Vulnerability Description

Related Vulnerabilities

CVE-2020-8184

CVE-2023-3050

CVE-2020-8184

CVE-2022-3083