{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2418", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "state": "PUBLISHED", "assignerShortName": "WPScan", "dateReserved": "2026-02-12T18:55:02.208Z", "datePublished": "2026-03-05T06:00:03.313Z", "dateUpdated": "2026-04-02T12:39:57.832Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2026-04-02T12:39:57.832Z"}, "title": "Login with Salesforce <= 1.0.2 - Unauthenticated Authentication Bypass", "problemTypes": [{"descriptions": [{"description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE"}]}], "affected": [{"vendor": "Unknown", "product": "Login with Salesforce", "versions": [{"status": "affected", "versionType": "semver", "version": "0", "lessThanOrEqual": "1.0.2"}], "defaultStatus": "unknown"}], "descriptions": [{"lang": "en", "value": "The Login with Salesforce WordPress plugin through 1.0.2 does not validate that users are allowed to login through Salesforce, allowing unauthenticated users to be authenticated as any user (such as admin) by simply knowing the email"}], "references": [{"url": "https://wpscan.com/vulnerability/b25c6cbc-39e7-4fa0-af0b-ee7759d2c497/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "credits": [{"lang": "en", "value": "Khaled Alenazi (Nxploited)", "type": "finder"}, {"lang": "en", "value": "WPScan", "type": "coordinator"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "WPScan CVE Generator"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-06T10:22:39.897835Z", "id": "CVE-2026-2418", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-06T10:23:16.348Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-2418", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-06T10:22:39.897835Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-06T10:23:09.130Z"}}], "cna": {"title": "Login with Salesforce <= 1.0.2 - Unauthenticated Authentication Bypass", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Khaled Alenazi (Nxploited)"}, {"lang": "en", "type": "coordinator", "value": "WPScan"}], "affected": [{"vendor": "Unknown", "product": "Login with Salesforce", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0.2"}], "defaultStatus": "unknown"}], "references": [{"url": "https://wpscan.com/vulnerability/b25c6cbc-39e7-4fa0-af0b-ee7759d2c497/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "x_generator": {"engine": "WPScan CVE Generator"}, "descriptions": [{"lang": "en", "value": "The Login with Salesforce WordPress plugin through 1.0.2 does not validate that users are allowed to login through Salesforce, allowing unauthenticated users to be authenticated as any user (such as admin) by simply knowing the email"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-287 Improper Authentication"}]}], "providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2026-04-02T12:39:57.832Z"}}}, "cveMetadata": {"cveId": "CVE-2026-2418", "state": "PUBLISHED", "dateUpdated": "2026-04-02T12:39:57.832Z", "dateReserved": "2026-02-12T18:55:02.208Z", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "datePublished": "2026-03-05T06:00:03.313Z", "assignerShortName": "WPScan"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Login with Salesforce WordPress plugin through 1.0.2 does not validate that users are allowed to login through Salesforce, allowing unauthenticated users to be authenticated as any user (such as admin) by simply knowing the email"}, {"lang": "es", "value": "El plugin de WordPress Login with Salesforce hasta la versi\u00f3n 1.0.2 no valida que los usuarios tengan permiso para iniciar sesi\u00f3n a trav\u00e9s de Salesforce, permitiendo que usuarios no autenticados sean autenticados como cualquier usuario (como un administrador) simplemente conociendo el correo electr\u00f3nico."}], "id": "CVE-2026-2418", "lastModified": "2026-04-15T14:42:29.303", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-05T06:16:51.883", "references": [{"source": "contact@wpscan.com", "url": "https://wpscan.com/vulnerability/b25c6cbc-39e7-4fa0-af0b-ee7759d2c497/"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Deferred"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.0.2]"}}], "enrichment": {"confidence": 75.0, "confidence_source": "inferred", "scores": [{"score": 75.0, "source": "inferred"}]}, "original": {"product": "Login with Salesforce", "source": "cna", "vendor": "Unknown"}, "product": "login_with_salesforce", "vendor": "login_with_salesforce"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-16T12:32:20.618166+00:00", "value": {"mitigation_remediation": ["Update the Login with Salesforce plugin to the latest version that includes the authentication validation fix addressing improper authentication (CWE\u2011287).", "If a patched version is not yet available, deactivate or uninstall the plugin to eliminate the bypass route; meanwhile, enforce multi\u2011factor authentication and ensure only active Salesforce accounts can log in.", "Enable comprehensive logging of authentication attempts, monitor for anomalous activity, and apply rate limiting to mitigate unauthorized login attempts linked to improper authentication."], "summary": {"action": "Apply Patch", "impact": "Unauthenticated Authentication Bypass"}, "threat_synthesis": {"affected_systems": "WordPress sites that have installed the Login with Salesforce plugin version 1.0.2 or earlier are affected. The plugin, identified only as Login with Salesforce, is widely used to provide single sign\u2011on via Salesforce. No alternate product versions are listed, so any installation of the plugin at or below 1.0.2 must be considered vulnerable.", "description_and_impact": "The Login with Salesforce plugin for WordPress up to version 1.0.2 fails to validate that a user is permitted to authenticate via Salesforce. This omission allows an unauthenticated attacker to assume the identity of any site user, including administrators, by simply supplying a valid email address. The vulnerability directly undermines account confidentiality and can be leveraged for full site compromise.", "risk_and_exploitability": "The issue carries a CVSS score of 9.1, denoting critical impact. The EPSS score is below 1\u202f%, indicating a low probability of exploitation, yet the lack of authentication checks makes the attack surface very simple. Based on the description, it is inferred that the likely attack vector is a remote request to the plugin\u2019s authentication endpoint, where an attacker supplies a legitimate email address. The vulnerability is not currently in the CISA KEV catalog, but the potential for immediate privilege escalation warrants prompt remediation."}}}}, "created": "2026-03-06T15:08:06.490550+00:00", "updated": "2026-04-16T12:45:35.843600+00:00", "vendors": ["login_with_salesforce", "login_with_salesforce$PRODUCT$login_with_salesforce", "wordpress", "wordpress$PRODUCT$wordpress"], "weaknesses": ["CWE-287"]}