Cross Site Request Forgery (CSRF) in... CVE-2018-20231

6.8 AV AC AU C I A
发布: 2018-12-19
修订: 2019-03-15

Cross Site Request Forgery (CSRF) in the two-factor-authentication plugin before 1.3.13 for WordPress allows remote attackers to disable 2FA via the tfa_enable_tfa parameter due to missing nonce validation.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有1条受影响产品信息