Tag
The Login with NEAR plugin for WordPress is vulnerable to authentication bypass due to the `ajaxLoginWithNear()` function issuing valid authentication cookies based on a substring check of the `account` POST parameter, allowing unauthenticated attackers to log in as existing users or create new accounts.