Saad Iqbal All In One Login Authentication Bypass Vulnerability

Vulnerability

An authentication bypass vulnerability allowing identity spoofing has been identified in the Saad Iqbal All In One Login WordPress plugin, specifically in versions through 2.0.8. This vulnerability arises from improper authentication mechanisms, enabling users to bypass login requirements and potentially impersonate other users.

Impact

Exploitation of this vulnerability allows for authentication bypass, enabling identity spoofing. This could lead to unauthorized access to user accounts or administrative privileges, depending on the roles of the impersonated users.

Added: Nov 6, 2025, 4:41 PM

Updated: Nov 6, 2025, 9:10 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

1.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

1.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Saad Iqbal All In One Login Authentication Bypass Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating