CVE-2024-9289 | RedefiningTheWeb WordPress & WooCommerce Affiliate Program Plugin up to 8.4.1 on WordPress rtwwwap_login_request_callback authentication bypass

A vulnerability, which was classified as critical, was found in RedefiningTheWeb WordPress & WooCommerce Affiliate Program Plugin up to 8.4.1 on WordPress. This affects the function rtwwwap_login_request_callback. The manipulation leads to authentication bypass using alternate channel.

This vulnerability is uniquely identified as CVE-2024-9289. It is possible to initiate the attack remotely. There is no exploit available.