Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote malicious users to bypass a "disabled registration" setting by adding a non-existing wxopenid value to the plugin.php ac=wxregister query string.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
comsenz discuzx x3.4 |