Lucene search
Nguyen Thuc TuyenWPEX-ID:5EB85DF5-8AAB-4F30-A401-F776A310B09CHistoryFeb 28, 2023 - 12:00 a.m.
OAuth Single Sign On - SSO (OAuth Client) Standard < 28.4.9 - IdP Deletion via CSRF
2023-02-2800:00:00
Nguyen Thuc Tuyen
67
oauth
sso
idp deletion
csrf
vulnerability
EPSS
0.001
Percentile
47.5%
The plugin does not have CSRF checks when deleting Identity Providers (IdP), which could allow attackers to make logged in admins delete arbitrary IdP via a CSRF attack
https://example.com/wp-admin/admin.php?page=mo_oauth_settings&tab=config&action=delete&app=wordpressRelated
wpvulndb
wpvulndb
wpexploit
wpexploit
prion
prion
Cross site request forgery (csrf)
2023-03-27 16:15:00
cvelist
cvelist
nvd
nvd
CVE-2023-1092
2023-03-27 16:15:09
cve
cve
CVE-2023-1092
2023-03-27 16:15:09
wordfence
wordfence