EUVD-2023-23380
Malicious code in bioql PyPI...
CVE-2023-1093
The OAuth Single Sign On WordPress plugin before 6.24.2 does not have CSRF checks when discarding Identity providers (IdP), which could allow attackers to make logged-in admins delete all IdP via a CSRF attack...
Cross-site request forgery (CSRF)
The OAuth Single Sign On WordPress plugin before 6.24.2 does not have CSRF checks when discarding Identity providers (IdP), which could allow attackers to make logged-in admins delete all IdP via a CSRF attack...
CVE-2023-1093 OAuth Single Sign On - SSO (OAuth Client) < 6.24.2 - IdP Discard via CSRF
The OAuth Single Sign On WordPress plugin before 6.24.2 does not have CSRF checks when discarding Identity providers (IdP), which could allow attackers to make logged-in admins delete all IdP via a CSRF attack...
PT-2023-16748 · WordPress · Oauth Single Sign On
Name of the Vulnerable Software and Affected Versions: OAuth Single Sign On WordPress plugin versions prior to 6.24.2
Description: The issue concerns a lack of CSRF checks when discarding Identity providers (IdP) in the OAuth Single Sign On WordPress plugin. This could allow attackers to make...