A business logic issue in the MStore API WordPress plugin, versions prior to 3.2.0, had an authentication bypass with Sign In With Apple allowing unauthenticated users to recover an authentication cookie with only an email address.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
inspireui mstore api |