exploitDog

CVE-2022-34858

Опубликовано: 22 авг. 2022

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Authentication Bypass vulnerability in miniOrange OAuth 2.0 client for SSO plugin <= 1.11.3 at WordPress.

Ссылки

https://lana.codes/lanavdb/df23b19f-4134-41d3-8cb3-9d44189b461b?_s_id=cve
Exploit
Third Party Advisory
https://patchstack.com/database/vulnerability/oauth-client/wordpress-oauth-2-0-client-for-sso-plugin-1-11-3-authentication-bypass-vulnerability?_s_id=cve
Third Party Advisory
https://lana.codes/lanavdb/df23b19f-4134-41d3-8cb3-9d44189b461b?_s_id=cve
Exploit
Third Party Advisory
https://patchstack.com/database/vulnerability/oauth-client/wordpress-oauth-2-0-client-for-sso-plugin-1-11-3-authentication-bypass-vulnerability?_s_id=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:miniorange:oauth_2.0_client_for_sso:*:*:*:*:*:wordpress:*:*

Версия до 1.11.4 (исключая)

EPSS

Процентиль: 71%

0.00687

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-306

CWE-306

Связанные уязвимости

GHSA-m7c9-5c5m-jq4q

CVSS3: 9.8

github

больше 3 лет назад

Authentication Bypass vulnerability in miniOrange OAuth 2.0 client for SSO plugin <= 1.11.3 at WordPress.

EPSS

Процентиль: 71%

0.00687

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-306

CWE-306