exploit
-
You can log in on anybodys account if they haven’t set up a qr code yet with
http://yoursite.com/wp-login.php?user_id=1&qr_code=&
You should validate data better.
The topic ‘exploit’ is closed to new replies.
- 1 participant
- Last activity: 9 years, 6 months ago
- Status: not resolved