Lucene search
Nguyen Thuc TuyenWPEX-ID:8FBF7EFE-0BF2-42C6-AEF1-7FCF2708B31BHistoryFeb 28, 2023 - 12:00 a.m.
OAuth Single Sign On - SSO (OAuth Client) Free < 6.24.2 - IdP Deletion via CSRF
2023-02-2800:00:00
Nguyen Thuc Tuyen
201
oauth single sign on
sso
oauth client
idp deletion
csrf
exploit
EPSS
0.001
Percentile
47.5%
The plugin does not have CSRF checks when deleting Identity Providers (IdP), which could allow attackers to make logged in admins delete arbitrary IdP via a CSRF attack
https://example.com/wp-admin/admin.php?page=mo_oauth_settings&tab=config&action=delete&app=wordpressRelated
prion
prion
Cross site request forgery (csrf)
2023-03-27 16:15:00
wpvulndb
wpvulndb
wpexploit
wpexploit
cvelist
cvelist
nvd
nvd
CVE-2023-1092
2023-03-27 16:15:09
cve
cve
CVE-2023-1092
2023-03-27 16:15:09
wordfence
wordfence