CVE-2022-2891
N/A
N/A
Summary
The WP 2FA WordPress plugin before 2.3.0 uses comparison operators that don't mitigate time-based attacks, which could be abused to leak information about the authentication codes being compared.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | WP 2FA | 0 < 2.3.0 | affected |
Weaknesses
- CWE-203 Observable Discrepancy
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.