CVE-2025-1638 [CRITICAL] :

The Alloggio Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity through the alloggio_membership_init_rest_api_facebook_login and alloggio_membership_init_rest_api_google_login functions. This makes it possible for unauthenticated attackers to log in as any user, including administrators, without knowing a password.

OSINT Updates

news
osint

Your weekly dose of OSINT Updates every Wednesday. A free OSINT newsletter delivering what people want to read. Click to read OSINT Updates, by OSINT Ambition, a Substack publication with thousands of subscribers.

Visit Website