Posted by dxw Security on Aug 12

Details
================
Software: OAuth2 Complete For WordPress
Version: 3.1.3
Homepage: http://wordpress.org/plugins/oauth2-provider/
Advisory report:
https://security.dxw.com/advisories/the-oauth2-complete-plugin-for-wordpress-uses-a-pseudorandom-number-generator-which-is-non-cryptographically-secure/
CVE: Awaiting assignment
CVSS: 10 (High; AV:N/AC:L/Au:N/C:C/I:C/A:C)

Description
================
The OAuth2 Complete plugin for WordPress…