Wp-oauth Wp_oauth_server
3 CVEs affecting Wp-oauth Wp_oauth_server. Latest disclosed: 2024-04-10. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-3926 | Medium | 6.5 | 2022-12-05 | The WP OAuth Server (OAuth Authentication) WordPress plugin before 3.4.2 does not have CSRF check when regenerating secrets, which could allow attackers to mak… |
CVE-2022-3892 | Medium | 4.8 | 2022-12-05 | The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.2.2 does not sanitize and escape Client IDs, which could allow high privilege users such a… |
CVE-2024-31253 | Medium | 4.7 | 2024-04-10 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP OAuth Server OAuth Server.This issue affects OAuth Server: from n/a through 4.3.3. |