CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

Positive Technologies•added 2025/05/19 12:0 a.m.•2 views

PT-2025-21936 · Undefined · Undefined

🚨 CVE-2025-190800 in Auth0 WordPress plugin allows brute force attacks on session cookies, risking unauthorized access. Update to version 5.3.0 or later and consider rotating cookie encryption keys.🔧 Read more: https://t.co/aLcSs7CcDK BruteForceAttack CyberSecurity Vulert https://t.co/3Z8lZDmI2j...

7.2AI score

Exploits0References1

OSV•added 2025/05/16 5:48 p.m.•5 views

GHSA-G98G-R7GF-2R25 Brute Force Authentication Tags of CookieStore Sessions in Auth0-PHP SDK

Overview Session cookies of applications using the Auth0-PHP SDK configured with CookieStore have authentication tags that can be brute forced, which may result in unauthorized access. Am I Affected? You are affected by this vulnerability if you meet the following pre-conditions: 1. Applications...

9.1CVSS8.9AI score0.00084EPSS

Exploits0References8

NVD•added 2025/05/15 10:15 p.m.•9 views

CVE-2025-47275

Auth0-PHP provides the PHP SDK for Auth0 Authentication and Management APIs. Starting in version 8.0.0-BETA1 and prior to version 8.14.0, session cookies of applications using the Auth0-PHP SDK configured with CookieStore have authentication tags that can be brute forced, which may result in...

9.1CVSS0.00084EPSS

Exploits0References6

CVE•added 2025/05/15 9:13 p.m.•49 views

CVE-2025-47275

Summary: CVE-2025-47275 affects Auth0-PHP SDKs used with CookieStore across multiple Auth0 integrations (Laravel, WordPress, Symfony). Affected versions: Auth0-PHP in 8.0.0-BETA1 up to, but not including, 8.14.0. Applications using the SDK or linked Auth0 wrappers relying on it may have session c...

9.1CVSS7.3AI score0.00084EPSS

Exploits0References6

OSV•added 2025/05/15 9:13 p.m.•4 views

CVE-2025-47275 Brute Force Authentication Tags of CookieStore Sessions in Auth0-PHP SDK

9.1CVSS6.6AI score0.00084EPSS

Exploits0References8