CVE-2023-1093 in OAuth Single Sign On Pluginالمعلومات

الملخص

بحسب MITRE • 27/03/2023

The OAuth Single Sign On WordPress plugin before 6.24.2 does not have CSRF checks when discarding Identify providers (IdP), which could allow attackers to make logged in admins delete all IdP via a CSRF attack

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

28/02/2023

إفشاء

27/03/2023

الاعتدال

تمت الموافقة

إدخال

VDB-224077

CPE

جاهز

CWE

CWE-352 (مؤكد)

CVSS

6.5 (NVD)

EPSS

0.00097

KEV

لا

النشاطات

منخفض جدًا

القطاع

Hostingprovider

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2023-1093
NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-1093
CVE Details	https://www.cvedetails.com/cve/CVE-2023-1093/

التالي ▸نظرة عامة ◂ السابق

Might our Artificial Intelligence support you?

Check our Alexa App!