Lucene search
PatchstackCVE-2022-34149HistoryAug 22, 2022 - 3:15 p.m.
CVE-2022-34149
2022-08-2215:15:15
CWE-264
CWE-287
Patchstack
web.nvd.nist.gov
278
5
cve-2022-34149
authentication bypass
miniorange
wp oauth server
wordpress
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
52.1%
Authentication Bypass vulnerability in miniOrange WP OAuth Server plugin <= 3.0.4 at WordPress.
Affected configurations
Node
miniorangewp_oauth_serverRange≤3.0.4wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| miniorange | wp_oauth_server | * | cpe:2.3:a:miniorange:wp_oauth_server:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "miniorange-oauth-20-server",
"product": "WP OAuth Server (WordPress plugin)",
"vendor": "miniOrange",
"versions": [
{
"changes": [
{
"at": "4.0.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.0.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
prion
prion
Authentication flaw
2022-08-22 15:15:00
patchstack
patchstack
wpexploit
wpexploit
WP OAuth Server ( Login with WordPress ) < 4.0.1 - Authentication Bypass
2022-06-20 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2022-34149
2022-08-22 15:15:15
wpvulndb
wpvulndb
WP OAuth Server ( Login with WordPress ) < 4.0.1 - Authentication Bypass
2022-06-20 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
52.1%
Related for CVE-2022-34149