Lucene search
PatchstackCVELIST:CVE-2022-42461HistoryOct 31, 2022 - 12:00 a.m.
CVE-2022-42461 WordPress miniOrange's Google Authenticator plugin <= 5.6.1 - Broken Access Control vulnerability
2022-10-3100:00:00
CWE-264
Patchstack
www.cve.org
wordpress
miniorange
google authenticator
plugin
broken access control
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
8.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.9%
Broken Access Control vulnerability in miniOrange’s Google Authenticator plugin <= 5.6.1 on WordPress.
CNA Affected
[
{
"vendor": "miniOrange",
"product": "miniOrange's Google Authenticator (WordPress plugin)",
"versions": [
{
"version": "<= 5.6.1",
"status": "affected",
"lessThanOrEqual": "5.6.1",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2022-42461
2022-11-18 20:15:09
patchstack
patchstack
prion
prion
Improper access control
2022-11-18 20:15:00
cnvd
cnvd
WordPress Google Authenticator has an unspecified vulnerability
2022-11-23 00:00:00
nvd
nvd
CVE-2022-42461
2022-11-18 20:15:09
wpvulndb
wpvulndb
miniOrange's Google Authenticator < 5.6.2 - Subscriber+ Settings Update
2022-10-31 00:00:00
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
8.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.9%
Related for CVELIST:CVE-2022-42461