The WP User Switch plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.2. This is due to incorrect authentication checking in the wpus_allow_user_to_admin_bar_menu function with the wpus_who_switch cookie value. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to log in as any existing user on the site, such as an administrator, if they have access to the username.

| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Wp_user_switch | Wp_user_switch_project | * | 1.0.2 (including) |