27 matches found
CVE-2025-68974 WordPress WordPress Social Login and Register plugin <= 7.7.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion.This issue affects WordPress Social Login and Register: from n/a through =...
EUVD-2025-28114
Malicious code in bioql PyPI...
CVE-2025-47670 WordPress Social Login and Register plugin <= 7.6.10 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion.This issue affects WordPress Social Login and Register: from n/a through =...
CVE-2025-47670
CVE-2025-47670 is an LFI (Local File Inclusion) vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Pro Addon, affecting versions up to 7.6.10. Root cause: improper filename control in PHP include/require leading to RFI/LFI. CVSSv3.1 base score 8.1...
CVE-2023-23706
Cross-Site Request Forgery CSRF vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn plugin = 7.5.14 versions...
CVE-2023-47683
Improper Privilege Management vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn allows Privilege Escalation.This issue affects WordPress Social Login and Register Discord, Google, Twitter, LinkedIn: from n/a through 7.6.6...
CVE-2023-24375
Missing Authorization vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register Discord, Google, Twitter, LinkedIn: from n/a...
PT-2025-22774 · WordPress · Miniorange Wordpress Social Login/Register
Name of the Vulnerable Software and Affected Versions: miniOrange WordPress Social Login and Register versions 7.6.10 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which...
WordPress plugin Wp Social Login and Register Social Counter 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2023-24375
Missing Authorization vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register Discord, Google, Twitter, LinkedIn: from n/a...
WordPress Social Login - WordPress Plugin plugin <= 2.7.7 - Authentication Bypass vulnerability
WordPress Social Login - WordPress Plugin plugin = 2.7.7 - Authentication Bypass vulnerability discovered by wesley wcraft in WordPress Plugin WooCommerce Social Login versions = 2.7.7...
CVE-2023-47683
Improper Privilege Management vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn allows Privilege Escalation.This issue affects WordPress Social Login and Register Discord, Google, Twitter, LinkedIn: from n/a through 7.6.6...
CVE-2023-47683 WordPress Social Login, Social Sharing by miniOrange plugin <= 7.6.6 - Authenticated Privilege Escalation vulnerability
Improper Privilege Management vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn allows Privilege Escalation.This issue affects WordPress Social Login and Register Discord, Google, Twitter, LinkedIn: from n/a through 7.6.6...
CVE-2023-47683 WordPress Social Login, Social Sharing by miniOrange plugin <= 7.6.6 - Authenticated Privilege Escalation vulnerability
Improper Privilege Management vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn allows Privilege Escalation.This issue affects WordPress Social Login and Register Discord, Google, Twitter, LinkedIn: from n/a through 7.6.6...
WordPress plugin WordPress Social Login Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress WordPress Social Login Plugin <= 3.0.4 is vulnerable to Cross Site Scripting (XSS)
Software WordPress Social Login Type Plugin Vulnerable versions = 3.0.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4773 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7be568b5c18c Credits Lana Codes Required...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Miled WordPress Social Login plugin = 3.0.4 versions...
CVE-2023-34023
CVE-2023-34023: Unauth. Reflected Cross-Site Scripting (XSS) in Miled WordPress Social Login plugin, affected versions
CVE-2023-34172
CVE-2023-34172 describes an authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin WordPress Social Login (Miled WordPress Social Login) up to version ≤ 3.0.4. Root cause: stored XSS likely via admin-accessible vector in the plugin. Impact: local XSS could ...
WordPress plugin wordpress-social-login 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...