OAuth Dynamic Client Registration requires specifying redirect URIs during the registration process. When the OAuth server accepts permissive redirect URIs, such as those allowing arbitrary hosts or o ...
July 18, 2025
This is an informational plugin to inform the user that the scanner has detected a publicly accessible OAuth Dynamic Client Registration endpoint on the target application. OAuth Dynamic Client Regist ...
July 18, 2025
The LoginPress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.0.1. This is due to insufficient verification on the user being returned by the s ...
July 18, 2025
Software: LoginPress Pro | Type: Plugin | Vulnerable versions: <= 5.0.1 | Fixed in: 5.0.2 | OWASP Top 10: A7: Identification and Authentication Failures | Classification: Broken Authentication | CVE: CVE-2025 ...
July 18, 2025
better-auth is vulnerable to open redirect. The vulnerability is due to improper validation of user-supplied URLs in the originCheck middleware, which allows an attacker to redirect users to arbitrary ...
July 16, 2025
AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privil ...
July 15, 2025