Exploit for Missing Authentication for Critical Function in Really-Simple-Plugins Really Simple Security CVE-2024-10924

Name: Exploit for Missing Authentication for Critical Function in Really-Simple-Plugins Really Simple Security CVE-2024-10924
Rating: 5 (81 reviews)

2025-03-11 | CVSS 9.8

## https://sploitus.com/exploit?id=53C97FE7-DC5F-5B4B-84DC-6FD8CE0231CC
# CVE-2024-10924
CVE-2024-10924 - Authentication Bypass in ReallySimpleSSL Wordpress Plugin
A (PoC) exploit for CVE-2024-10924, authentication bypass vulnerability discovered in
Really Simple SSL WordPress plugin.
The vulnerability allows unauthorized attackers to bypass two-factor authentication mechanisms under specific conditions,
potentially gaining unauthorized access to accounts enabled 2fa include admins.
vulnerability affecting the Really Simple SSL WordPress plugin versions 9.0.0 to 9.1.1.1. Exploiting this flaw allows unauthenticated attackers to impersonate any existing user, including administrators, without requiring valid credentials