CVE-2022-3894 — CVSS 4.3 (medium): The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.2.5 does not have CSRF check when deleting a client, and does not…
CVE-2022-4148 — CVSS 4.3 (medium): The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.3.0 has a flawed CSRF and authorisation check when deleting a client…