Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) Multiple Cross-Site Request Forgery Vulnerabilities - CVE-2023-1093 - Vulnerability Database
WP Plugin Miniorange Login With Eve Online Google Facebook

WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) Multiple Cross-Site Request Forgery Vulnerabilities - CVE-2023-1093

Medium
Reference: CVE-2023-1093
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-1093
Title: WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) Multiple Cross-Site Request Forgery Vulnerabilities
Overview:

WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) is prone to multiple cross-site request forgery vulnerabilities. Exploiting these issues may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application other attacks are also possible. WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) version 6.24.1 is vulnerable prior versions may also be affected.