Authenticator by Inpsyde GmbH

Authenticator by Inpsyde GmbH <= 1.3.0 - Subscriber+ Denial of Service via Feed Token Disclosure

LANACOMMONVDB ID: b3daa279-f410-4df2-9c02-70696a6b18dd

The plugin does not prevent subscribers from updating a site's feed access token, which may deny other users access to the functionality in certain configurations.

You must be log in to view vulnerability details.

Or register a new account.

References

Source Code: https://wordpress.org/plugins/authenticator/

CVE: CVE-2022-3994

Attributes

Catgory: WordPress Plugin

Discovered: 2022-11-07

Published: 2022-12-09

Affected Version: <= 1.3.0

Classification

Type: Denial of Service (DOS)

Researcher

Name: István Márton

Email: [email protected]

Support Us?

We would truly appreciate it if you bought us a bunny (food for a snow leopard).