Vulnerabilities and security researches forwp-rest-api-authentication wp-rest-api-authentication

Jun 06, 2024

CVE, Research URL: CVE-2022-45073
Home page URL: Security reports for WordPress REST API Authentication
Application: WordPress REST API Authentication
Date: Nov 19, 2022
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in REST API Authentication plugin <= 2.4.0 on WordPress.
Affected versions: Min -, max -.
Status: vulnerable

Apr 18, 2025

CVE, Research URL: CVE-2025-39545
Home page URL: Security reports for WordPress REST API Authentication
Application: WordPress REST API Authentication
Date: Apr 16, 2025
Research Description: Missing Authorization vulnerability in miniOrange WordPress REST API Authentication allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordPress REST API Authentication: from n/a through 3.6.3.
Affected versions: Min -, max -.
Status: vulnerable