Login as User or Customer — User Switching

Vulnerabilities 14Slug login-as-customer-or-userLatest version 4.1.0WordPress.org →

Minimum safe version

3.9.1

Update to 3.9.1 or later to address 13 fixable vulnerabilities

Latest available4.1.0 ⚠ 1 vulnerability has no fix
Medium 4.9 Unfixed
2024-03-11≤ 3.8

Login as User or Customer <= 3.8 - Admin Account Takeover

CVEWordfenceWPScan
Critical 9.8
2024-12-27< 3.9.1

WordPress Login as User or Customer (User Switching) Plugin <= 3.8 is vulnerable to Privilege Escalation

PatchstackCVEWordfenceWPScan
N/A
2021-04-22< 2.1

Login as User or Customer <= 2.1 - Cross-Site Request Forgery to Arbitrary Plugin Installation/Activation

Wordfence
N/A
< 2.1

Multiple WP-Buy Plugins - Arbitrary Plugin Installation/Activation via CSRF

WPScan
N/A
2021-04-22< 1.8

WordPress Login as User or Customer (User Switching) plugin <= 1.7 - Arbitrary Plugin Installation and Activation vulnerability

Patchstack
High 8.8
2021-05-14< 1.8

CVE-2021-24190

CVE
High 8.8
2021-05-14< 1.8

CVE-2021-24189

CVE
High 8.8
2021-05-14< 1.8

CVE-2021-24188

CVE
High 8.8
2021-05-14< 1.8

CVE-2021-24194

CVE
High 8.8
2021-05-14< 1.8

CVE-2021-24192

CVE
High 8.8
2021-05-14< 1.8

CVE-2021-24193

CVE
High 8.8
2021-05-14< 1.8

CVE-2021-24191

CVE