Wp-oauth Wp Oauth Server — known CVE vulnerabilities
Every CVE whose affected-product data names Wp-oauth Wp Oauth Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-3926 — CVSS 6.5 (medium): The WP OAuth Server (OAuth Authentication) WordPress plugin before 3.4.2 does not have CSRF check when regenerating secrets, which could…
CVE-2022-3892 — CVSS 4.8 (medium): The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.2.2 does not sanitize and escape Client IDs, which could allow high…
CVE-2024-31253 — CVSS 4.7 (medium): URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP OAuth Server OAuth Server.This issue affects OAuth Server: from n/a…