PT-2019-7394 · WordPress · Oauth2 Provider
Mallory Adams
·
Published
2019-09-26
·
Updated
2019-10-02
·
CVE-2015-9435
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
WordPress oauth2-provider plugin versions prior to 3.1.5
Description
The issue is related to the incorrect generation of random numbers in the oauth2-provider plugin for WordPress.
Recommendations
For versions prior to 3.1.5, update the oauth2-provider plugin to version 3.1.5 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Oauth2 Provider