CVE-2020-7948

2020-04-0113:15:15

Google

osv.dev

9.4 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.3%

JSON

An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. A user can perform an insecure direct object reference.

CPENameOperatorVersion
wp-auth0eq3.1.1
wp-auth0eq3.9.0
wp-auth0eq3.3.2
wp-auth0eq1.3.0
wp-auth0eq3.6.2
wp-auth0eq3.2.5
wp-auth0eq3.2.8
wp-auth0eq3.8.1
wp-auth0eq2.1.6
wp-auth0eq3.2.9

Name	Operator	Version
wp-auth0	eq	3.1.1
wp-auth0	eq	3.9.0
wp-auth0	eq	3.3.2
wp-auth0	eq	1.3.0
wp-auth0	eq	3.6.2
wp-auth0	eq	3.2.5
wp-auth0	eq	3.2.8
wp-auth0	eq	3.8.1
wp-auth0	eq	2.1.6
wp-auth0	eq	3.2.9