WordPress Digits plugin < 8.4.6.1 - Auth Bypass via OTP Bruteforcing vulnerability

Auth Bypass via OTP Bruteforcing vulnerability discovered by Saleh Tarawneh in WordPress Plugin Digits versions 8.4.6.1...

WordPress Digits Plugin <= 8.4.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Digits Type Plugin Vulnerable versions = 8.4.1 Fixed in 8.4.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-0203 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID d69a9fce5806 Credits István Márton Required...