
5 matches found

RedhatCVE
added 2025/05/23 2:58 a.m. | 6 views

CVE-2023-1093

The OAuth Single Sign On WordPress plugin before 6.24.2 does not have CSRF checks when discarding identity providers (IdP), which could allow attackers to make logged-in admins delete all IdPs via a CSRF attack...

CVSS 6.5 | AI score 6.5 | EPSS 0.00326
Exploits: 2 | References: 1

NVD
added 2023/03/27 4:15 p.m. | 19 views

CVE-2023-1093

The OAuth Single Sign On WordPress plugin before 6.24.2 does not have CSRF checks when discarding identity providers (IdP), which could allow attackers to make logged-in admins delete all IdPs via a CSRF attack...

CVSS 6.5 | AI score 6.4 | EPSS 0.00326
Exploits: 2 | References: 1

Cvelist
added 2023/03/27 3:37 p.m. | 33 views

CVE-2023-1093 OAuth Single Sign On - SSO (OAuth Client) < 6.24.2 - IdP Discard via CSRF

The OAuth Single Sign On WordPress plugin before 6.24.2 does not have CSRF checks when discarding identity providers (IdP), which could allow attackers to make logged-in admins delete all IdPs via a CSRF attack...

AI score 6.6 | EPSS 0.00326
Exploits: 2 | References: 1

Vulnrichment
added 2023/03/27 3:37 p.m. | 8 views

CVE-2023-1093 OAuth Single Sign On - SSO (OAuth Client) < 6.24.2 - IdP Discard via CSRF

The OAuth Single Sign On WordPress plugin before 6.24.2 does not have CSRF checks when discarding identity providers (IdP), which could allow attackers to make logged-in admins delete all IdPs via a CSRF attack...

AI score 6.4 | EPSS 0.00326
Exploits: 2 | References: 1

CVE
added 2023/03/27 3:37 p.m. | 72 views

CVE-2023-1093

The CVE-2023-1093 entry concerns the OAuth Single Sign On WordPress plugin. Affected: OAuth SSO WordPress plugin versions prior to 6.24.2. Issue: missing CSRF checks when discarding identity providers (IdP), enabling CSRF attacks that could cause a logged-in admin to delete all IdP configurations...

CVSS 6.5 | AI score 6.3 | EPSS 0.00326
Exploits: 2 | References: 1 | Affected Software: 1