Skip to Content
Cloud WAF Cloud WAF
  • Products
    • Cloud WAF
    • Kubernetes WAF
    • On Premises WAF
    • WAF API Gateway
    • Bot Protection
    • Layer 7 DDoS Protection
    • WAF as service
  • Solution
    • By Industry
      • E-Commerce
      • Healthcare
      • Education
      • Financial Services
    • By Cloud
      • Containers Service Mesh
      • Google Cloud
      • Microsoft Azure
      • AWS Waf
      • SaaS
      • Hybrid Cloud
      • Private Cloud
  • Partners
  • Customers
  • Pricing
  • About Us
    • OverView
      • About Us
      • Compliance
      • Pricing
      • Contact Us
    • Functional View
      • How it works
      • Integration
      • Why choose Us?
  • Resources
    • Case Studies
    • Blog
    • Common Vulnerabilities and Exposures
    • Learn Cyber Security
    • WAF Comparison
    • Documentation
    • FAQ
Free Trial Free Trial
Free Trial

Simple JWT Login Plugin up to 3.2.x on WordPress Password Creation str_shuffle inadequate encryption

  • Virtual Patching
  • December 30, 2021
  • 8:12 am

A vulnerability, which was classified as problematic, has been found in Simple JWT Login Plugin up to 3.2.x on WordPress (WordPress Plugin). This issue affects the function str_shuffle of the component Password Creation. Upgrading to version 3.3.0 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at plugins.trac.wordpress.org. The best possible mitigation is suggested to be upgrading to the latest version.

  • Virtual Patching
  • December 30, 2021
  • 8:12 am

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-28843 : PAYPAL UP TO 3.16.3 ON PRESTASHOP SQL INJECTION

CVE-2023-28843 : PAYPAL UP TO 3.16.3 ON PRESTASHOP SQL INJECTION

Description PrestaShop/paypal is an open source module for the PrestaShop web commerce ecosystem which provides paypal payment support. A SQL

Learn more
CVE-2023-28727 : PANASONIC AISEG2 UP TO 2.93A HEADER X-FORWARDED-FOR IMPROPER AUTHENTICATION

CVE-2023-28727 : PANASONIC AISEG2 UP TO 2.93A HEADER X-FORWARDED-FOR IMPROPER AUTHENTICATION

Description Panasonic AiSEG2 versions 2.00J through 2.93A allows adjacent attackers bypass authentication due to mishandling of X-Forwarded-For headers. References https://www2.panasonic.biz/jp/densetsu/aiseg/firmup_info.html

Learn more
CVE-2022-36980 : IVANTI AVALANCHE 6.3.2.3490 ENTERPRISESERVER SERVICE TOCTOU

CVE-2022-36980 : IVANTI AVALANCHE 6.3.2.3490 ENTERPRISESERVER SERVICE TOCTOU

Description This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required

Learn more

Why Prophaze ?
Request Demo

Questions
Partners
Privacy Policy
Terms of Service

Plans
WAF Pricing
Blog
CVEs
Case Studies
Make in India WAF
WAF Pricing
Free WAF
Webinar
System Status

Protection from all threats
DDoS protection
Automated security policy
AI firewall
Zero-configuration
Dashboard
API security
Compliance
Security updates
Virtual patching

Contact Us

Contact Prophaze Labs:

India : +91 7994 008 420

Email : security@prophaze.com

© 2023 Copyright © Prophaze Technologies Pvt. Ltd. All rights reserved. Terms & Conditions | Legal and Privacy | Manage Cookies