CVEs-PoC/2022/CVE-2022-2133.md at b0e96c877abb080d7cf221c036336480ff266ccf

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-08 22:35:37 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

The OAuth Single Sign On WordPress plugin before 6.22.6 doesn't validate that OAuth access token requests are legitimate, which allows attackers to log onto the site with the only knowledge of a user's email address.

POC

Reference

https://wpscan.com/vulnerability/e76939ca-180f-4472-a26a-e0c36cfd32de

Github

https://github.com/ARPSyndicate/cvemon

822 B Raw Blame History

CVE-2022-2133

Description

POC

Reference

Github

822 B

Raw Blame History