Dash10 Oauth_server
3 CVEs affecting Dash10 Oauth_server. Latest disclosed: 2023-03-20. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2015-9435 | Critical | 9.8 | 2019-09-26 | The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers. |
CVE-2022-4148 | Medium | 4.3 | 2023-03-20 | The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.3.0 has a flawed CSRF and authorisation check when deleting a client, which could allow an… |
CVE-2022-3894 | Medium | 4.3 | 2023-03-20 | The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.2.5 does not have CSRF check when deleting a client, and does not ensure that the object t… |