3 matches found
CVE-2024-31253
CVE-2024-31253 describes an Open Redirect vulnerability in the WP OAuth Server (OAuth Server) plugin. According to the provided sources, the issue affects OAuth Server up to version 4.3.3 and can redirect users to an untrusted site. The Red Hat and Wordfence entries corroborate the same descripti...
CVE-2022-3892
CVE-2022-3892 affects the WordPress plugin “WP OAuth Server (OAuth Authentication)”
CVE-2022-3926
The CVE-2022-3926 issue affects the WP OAuth Server (OAuth Authentication) WordPress plugin, versions prior to 3.4.2. The root cause is a missing CSRF check when regenerating secrets, which could let an attacker who is logged in and knows a client ID trigger a secret regeneration for any client. ...