PT-2024-12031 · Miniorange · Miniorange Wordpress Social Login/Register

Name of the Vulnerable Software and Affected Versions: miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn versions 7.5.14 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploitation due to incorrectly configured...

CVE-2023-23706 WordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Plugin <= 7.5.14 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn plugin = 7.5.14 versions...

CVE-2023-23710

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn plugin = 7.5.14 versions...

WordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Plugin <= 7.5.14 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Social Login and Register Discord, Google, Twitter, LinkedIn Type Plugin Vulnerable versions = 7.5.14 Fixed in 7.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23710 Patch priority Low CVSS severity Low 5.9 Developer Claim...