NextAuth.js is an open source authentication solution for Next.js applications. `next-auth` applications using OAuth provider versions before `v4.20.1` have been found to be subject to an authenticati ...
Continue ReadingMarch 09, 2023
Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as [Wordfence Intelligence](). This database is continuously upd ...
Continue ReadingMarch 09, 2023
The plugin does not have CSRF checks when deleting Identity Providers (IdP), which could allow attackers to make logged in admins delete arbitrary IdP via a CSRF attack ### PoC The PoC will be display ...
Continue ReadingMarch 07, 2023
The plugin does not have CSRF checks when deleting Identity Providers (IdP), which could allow attackers to make logged in admins delete arbitrary IdP via a CSRF attackRead More ...
Continue ReadingMarch 07, 2023
The plugin does not have CSRF checks when deleting Identity Providers (IdP), which could allow attackers to make logged in admins delete arbitrary IdP via a CSRF attack ### PoC The PoC will be display ...
Continue ReadingMarch 07, 2023
The plugin does not have CSRF checks when deleting Identity Providers (IdP), which could allow attackers to make logged in admins delete arbitrary IdP via a CSRF attackRead More ...
Continue ReadingMarch 07, 2023
The plugin does not have CSRF checks when deleting Identity Providers (IdP), which could allow attackers to make logged in admins delete arbitrary IdP via a CSRF attack ### PoC The PoC will be display ...
Continue ReadingMarch 07, 2023
Back to Main