Fastly Secret Disclosure

CVE-2023-27490

NextAuth.js is an open source authentication solution for Next.js applications. `next-auth` applications using OAuth provider versions before `v4.20.1` have been found to be subject to an authenticati ...

Wordfence Intelligence Weekly WordPress Vulnerability Report (Feb 27, 2023 to Mar 5, 2023)

Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence. This database is continuously upd ...


CVSS3 - MEDIUM

OAuth Single Sign On – SSO (OAuth Client) Premium < 38.4.9 – IdP Deletion via CSRF

The plugin does not have CSRF checks when deleting Identity Providers (IdP), which could allow attackers to make logged in admins delete arbitrary IdP via a CSRF attack. PoC: The PoC will be display ...

OAuth Single Sign On – SSO (OAuth Client) Standard < 28.4.9 – IdP Deletion via CSRF

The plugin does not have CSRF checks when deleting Identity Providers (IdP), which could allow attackers to make logged in admins delete arbitrary IdP via a CSRF attack. PoC: The PoC will be display ...

OAuth Single Sign On – SSO (OAuth Client) Free < 6.24.2 – IdP Deletion via CSRF

The plugin does not have CSRF checks when deleting Identity Providers (IdP), which could allow attackers to make logged in admins delete arbitrary IdP via a CSRF attack. PoC: The PoC will be display ...
