This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Critical Auth Bypass in Relais 2FA plugin. π **Consequences**: Attackers can bypass login screens entirely. Full site compromise is imminent. Admin accounts are at risk.β¦
π **CWE**: CWE-288 (Authentication Bypass). π **Flaw**: Incorrect logic in `rl_do_ajax` function. β **Root Cause**: Missing or flawed capability checks. β οΈ **Result**: Security controls are ignored by the server.
Q3Who is affected? (Versions/Components)
π’ **Vendor**: mobisoft974. π¦ **Product**: Relais 2FA for WordPress. π **Affected**: Versions **1.0 and earlier**. β **Safe**: Versions > 1.0 (likely). π **Platform**: WordPress sites using this specific plugin.
Q4What can hackers do? (Privileges/Data)
π **Privileges**: Login as **ANY** user. π‘οΈ **Target**: Especially **Administrators**. π§ **Requirement**: Attacker needs victim's email. πΎ **Data**: Full access to site content.β¦
β‘ **Threshold**: **LOW**. π« **Auth**: **Unauthenticated** attack. π±οΈ **UI**: No user interaction needed. π **Network**: Remote exploitation via AJAX. πΆ **Ease**: Trivial to execute.
Q6Is there a public Exp? (PoC/Wild Exploitation)
π» **Exploit**: **Yes**, Public PoC exists. π **Link**: GitHub by RandomRobbieBF. π **Method**: POST request to `admin-ajax.php`. π **Status**: Active exploitation possible. β οΈ **Risk**: High visibility for attackers.