Browse all 3 CVE security advisories affecting logoninc. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Logoninc provides authentication and access management solutions for enterprise environments. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and insecure session management. While no major public security incidents have been widely reported, the three CVEs on record highlight persistent issues with authentication bypass and insecure direct object reference vulnerabilities. Their security posture appears typical for authentication vendors, with vulnerabilities primarily centered on session handling and access control mechanisms rather than data breaches or system compromise.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-13604 | KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin <= 1.7.4 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory — KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base PluginCWE-200 | 7.5 | High | 2025-04-05 |
| CVE-2024-8632 | KB Support – WordPress Help Desk and Knowledge Base <= 1.6.6 - Missing Authorization to Unauthenticated Ticket Reply Exposure — KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base PluginCWE-862 | 6.5 | Medium | 2024-10-01 |
| CVE-2024-8548 | KB Support – WordPress Help Desk and Knowledge Base <= 1.6.6 - Missing Authorization to Authenticated (Subscriber+) Multiple Administrator Actions — KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base PluginCWE-862 | 8.1 | High | 2024-10-01 |
This page lists every published CVE security advisory associated with logoninc. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.