Lucene search
Lana Codes (Patchstack Alliance)PATCHSTACK:BEC359863FB6AA3A240B08E602BAEF73HistoryOct 31, 2022 - 12:00 a.m.
WordPress miniOrange's Google Authenticator plugin <= 5.6.1 - Broken Access Control vulnerability
2022-10-3100:00:00
Lana Codes (Patchstack Alliance)
patchstack.com
11
wordpress
miniorange
google authenticator
plugin
access control
vulnerability
patchstack alliance
update
EPSS
0.001
Percentile
34.7%
Broken Access Control vulnerability leading to Plugin Settings Change discovered by Lana Codes (Patchstack Alliance) in WordPress miniOrange’s Google Authenticator plugin (versions <= 5.6.1).
Solution
Update the WordPress miniOrange's Google Authenticator plugin to the latest available version (at least 5.6.2).
Related
cve
cve
CVE-2022-42461
2022-11-18 20:15:09
prion
prion
Improper access control
2022-11-18 20:15:00
cnvd
cnvd
WordPress Google Authenticator has an unspecified vulnerability
2022-11-23 00:00:00
cvelist
cvelist
wpvulndb
wpvulndb
miniOrange's Google Authenticator < 5.6.2 - Subscriber+ Settings Update
2022-10-31 00:00:00
nvd
nvd
CVE-2022-42461
2022-11-18 20:15:09