CVE-2022-2891 Information

Description

The WP 2FA WordPress plugin before 2.3.0 uses comparison operators that don’t mitigate time-based attacks which could be abused to leak information about the authentication codes being compared.

Reference

https://wpscan.com/vulnerability/301b3dce-2584-46ec-92ed-1c0626522120