4 matches found
CVE-2023-1092
The OAuth Single Sign On Free WordPress plugin before 6.24.2, OAuth Single Sign On Standard WordPress plugin before 28.4.9, OAuth Single Sign On Premium WordPress plugin before 38.4.9 and OAuth Single Sign On Enterprise WordPress plugin before 48.4.9 do not have CSRF checks when deleting Identity...
WordPress OAuth Single Sign On - SSO (OAuth Client) Premium Plugin < 38.4.9 is vulnerable to Cross Site Request Forgery (CSRF)
Software OAuth Single Sign On - SSO OAuth Client Premium Type Plugin Vulnerable versions 38.4.9 Fixed in 48.4.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-1092 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...
CVE-2023-1092 OAuth Single Sign On - SSO (OAuth Client) - IdP Deletion via CSRF
The OAuth Single Sign On Free WordPress plugin before 6.24.2, OAuth Single Sign On Standard WordPress plugin before 28.4.9, OAuth Single Sign On Premium WordPress plugin before 38.4.9 and OAuth Single Sign On Enterprise WordPress plugin before 48.4.9 do not have CSRF checks when deleting Identity...
CVE-2023-1092
CVE-2023-1092 affects the OAuth Single Sign On WordPress plugins: Free (<6.24.2), Standard (<28.4.9), Premium (<38.4.9), and Enterprise (