5 matches found
CVE-2023-1093
The OAuth Single Sign On WordPress plugin before 6.24.2 does not have CSRF checks when discarding Identify providers IdP, which could allow attackers to make logged in admins delete all IdP via a CSRF attack...
CVE-2023-1093
The OAuth Single Sign On WordPress plugin before 6.24.2 does not have CSRF checks when discarding Identify providers IdP, which could allow attackers to make logged in admins delete all IdP via a CSRF attack...
CVE-2023-1093 OAuth Single Sign On - SSO (OAuth Client) < 6.24.2 - IdP Discard via CSRF
The OAuth Single Sign On WordPress plugin before 6.24.2 does not have CSRF checks when discarding Identify providers IdP, which could allow attackers to make logged in admins delete all IdP via a CSRF attack...
CVE-2023-1093 OAuth Single Sign On - SSO (OAuth Client) < 6.24.2 - IdP Discard via CSRF
The OAuth Single Sign On WordPress plugin before 6.24.2 does not have CSRF checks when discarding Identify providers IdP, which could allow attackers to make logged in admins delete all IdP via a CSRF attack...
CVE-2023-1093
The CVE-2023-1093 entry concerns the OAuth Single Sign On WordPress plugin. Affected: OAuth SSO WordPress plugin versions prior to 6.24.2. Issue: missing CSRF checks when discarding Identify providers (IdP), enabling CSRF attacks that could cause a logged-in admin to delete all IdP configurations...