2022-10-10 00:00:00
WPScan
PUBLISHED
The WP 2FA WordPress plugin before 2.3.0 uses comparison operators that dont mitigate time-based attacks, which could be abused to leak information about the authentication codes being compared.