Primary

Context

Ifkooo One-Login Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in the Ifkooo One-Login WordPress plugin, affecting versions through 1.4. This vulnerability allows users to gain elevated privileges, potentially leading to full control over the website.

Impact

Exploitation of this vulnerability could allow a user to escalate privileges, gaining higher access rights and possibly full control over the WordPress site.

Remediation

Users are advised to remove or replace the One-Login WordPress plugin, as it is likely abandoned and has not been updated in over a year. Deactivating the plugin does not eliminate the security risk unless a virtual patch is applied. Patchstack offers a virtual patch to mitigate this vulnerability until an official fix is available.

Added: Jun 9, 2025, 5:04 PM

Updated: Jun 9, 2025, 5:04 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ifkooo One-Login Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating