2 matches found
CVE-2022-2891
The WP 2FA WordPress plugin before 2.3.0 uses comparison operators that don't mitigate time-based attacks, which could be abused to leak information about the authentication codes being compared...
CVE-2022-2891
The CVE-2022-2891 entry documents a time-based side-channel attack in the WP 2FA WordPress plugin prior to version 2.3.0. The vulnerability arises from comparison operators that do not mitigate timing differences, potentially leaking information about authentication codes during comparison. Affec...