PT-2024-12031 · Miniorange · Miniorange Wordpress Social Login/Register

Name of the Vulnerable Software and Affected Versions: miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn versions 7.5.14 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploitation due to incorrectly configured...

Grafana API IDOR

Today we are releasing Grafana 8.3.5 and 7.5.14. This patch release includes MEDIUM severity security fix for Grafana Teams API IDOR. Release v.8.3.5, only containing security fixes: - Download Grafana 8.3.5 - Release notes Release v.7.5.15, only containing security fixes: - Download Grafana 7.5....

CVE-2023-23706 WordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Plugin <= 7.5.14 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn plugin = 7.5.14 versions...

WordPress plugin WordPress Social Login and Register 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin WordPress Social Login and...

CVE-2023-23710

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn plugin = 7.5.14 versions...

WordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Plugin <= 7.5.14 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Social Login and Register Discord, Google, Twitter, LinkedIn Type Plugin Vulnerable versions = 7.5.14 Fixed in 7.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23710 Patch priority Low CVSS severity Low 5.9 Developer Claim...