Lucene search
K

27 matches found

Prion
Prion
added 2020/04/01 1:15 p.m.14 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerabilities exist in the Auth0 plugin before 4.0.0 for WordPress via the domain field...

6.8CVSS9AI score0.00845EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2020/04/01 1:15 p.m.15 views

Cross site scripting

A stored cross-site scripting XSS vulnerability exists in the Auth0 plugin before 4.0.0 for WordPress via the settings page...

4.3CVSS6AI score0.01318EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2020/04/01 12:50 p.m.72 views

CVE-2020-5391

The CVE-2020-5391 entry concerns the WordPress Auth0 plugin (pre-4.0.0). The vulnerability is a Cross-site Request Forgery (CSRF) via the domain field, with root cause described as failing to properly validate user input. Affected software: Auth0 WordPress plugin versions before 4.0.0. Impact: co...

8.8CVSS9.5AI score0.00845EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2020/04/01 12:48 p.m.81 views

CVE-2020-5392

CVE-2020-5392 concerns the WordPress Auth0 plugin prior to version 4.0.0, where a stored cross-site scripting (XSS) vulnerability is exploitable via the plugin’s settings page. The issue is documented across multiple feeds (NVD, Red Hat, OSV, CNVD, CNVD, Nessus), all describing a stored XSS vecto...

6.1CVSS6.8AI score0.01318EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2020/02/05 8:15 p.m.22 views

CVE-2019-20173

The Auth0 wp-auth0 plugin 3.11.x before 3.11.3 for WordPress allows XSS via a wle parameter associated with wp-login.php...

6.1CVSS6AI score0.02462EPSS
Exploits1References3
OSV
OSV
added 2020/02/05 8:15 p.m.18 views

CVE-2019-20173

The Auth0 wp-auth0 plugin 3.11.x before 3.11.3 for WordPress allows XSS via a wle parameter associated with wp-login.php...

6.1CVSS5.8AI score0.02462EPSS
Exploits1References3
Prion
Prion
added 2020/02/05 8:15 p.m.18 views

Design/Logic Flaw

The Auth0 wp-auth0 plugin 3.11.x before 3.11.3 for WordPress allows XSS via a wle parameter associated with wp-login.php...

4.3CVSS6AI score0.02462EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder