2 matches found
CVE-2024-11087
CVE-2024-11087 relates to the miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) Pro Addon for WordPress. The vulnerability is an authentication bypass introduced by insufficient verification on the user returned by the social login token, allowing unauthenticated attackers...
PT-2023-19150 · Miniorange · Miniorange Wordpress Social Login/Register
Name of the Vulnerable Software and Affected Versions: miniOrange WordPress Social Login and Register plugin versions prior to 7.5.14 Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin access can inject...