Lucene search
K

27 matches found

Vulnrichment
Vulnrichment
added 2025/12/30 10:47 a.m.2 views

CVE-2025-68974 WordPress WordPress Social Login and Register plugin <= 7.7.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion.This issue affects WordPress Social Login and Register: from n/a through =...

6.6CVSS6.7AI score0.00405EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28114

Malicious code in bioql PyPI...

8.1CVSS7.9AI score0.00542EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/23 12:43 p.m.7 views

CVE-2025-47670 WordPress Social Login and Register plugin <= 7.6.10 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion.This issue affects WordPress Social Login and Register: from n/a through =...

8.1CVSS5.3AI score0.00542EPSS
Exploits0References1
CVE
CVE
added 2025/05/23 12:43 p.m.55 views

CVE-2025-47670

CVE-2025-47670 is an LFI (Local File Inclusion) vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Pro Addon, affecting versions up to 7.6.10. Root cause: improper filename control in PHP include/require leading to RFI/LFI. CVSSv3.1 base score 8.1...

8.1CVSS5.9AI score0.00542EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:12 a.m.11 views

CVE-2023-23706

Cross-Site Request Forgery CSRF vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn plugin = 7.5.14 versions...

8.8CVSS7.1AI score0.00256EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:0 a.m.6 views

CVE-2023-47683

Improper Privilege Management vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn allows Privilege Escalation.This issue affects WordPress Social Login and Register Discord, Google, Twitter, LinkedIn: from n/a through 7.6.6...

8CVSS7AI score0.00479EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:54 a.m.7 views

CVE-2023-24375

Missing Authorization vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register Discord, Google, Twitter, LinkedIn: from n/a...

3.5CVSS5.2AI score0.00431EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.4 views

PT-2025-22774 · WordPress · Miniorange Wordpress Social Login/Register

Name of the Vulnerable Software and Affected Versions: miniOrange WordPress Social Login and Register versions 7.6.10 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which...

8.1CVSS7.9AI score0.00542EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/28 12:0 a.m.7 views

WordPress plugin Wp Social Login and Register Social Counter 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

4.3CVSS7.5AI score0.00188EPSS
Exploits0References4
NVD
NVD
added 2024/12/09 1:15 p.m.15 views

CVE-2023-24375

Missing Authorization vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register Discord, Google, Twitter, LinkedIn: from n/a...

3.5CVSS0.00431EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/04 8:59 p.m.7 views

WordPress Social Login - WordPress Plugin plugin <= 2.7.7 - Authentication Bypass vulnerability

WordPress Social Login - WordPress Plugin plugin = 2.7.7 - Authentication Bypass vulnerability discovered by wesley wcraft in WordPress Plugin WooCommerce Social Login versions = 2.7.7...

8.1CVSS7AI score0.00524EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/05/17 9:15 a.m.21 views

CVE-2023-47683

Improper Privilege Management vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn allows Privilege Escalation.This issue affects WordPress Social Login and Register Discord, Google, Twitter, LinkedIn: from n/a through 7.6.6...

8CVSS7.9AI score0.00479EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/17 8:36 a.m.26 views

CVE-2023-47683 WordPress Social Login, Social Sharing by miniOrange plugin <= 7.6.6 - Authenticated Privilege Escalation vulnerability

Improper Privilege Management vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn allows Privilege Escalation.This issue affects WordPress Social Login and Register Discord, Google, Twitter, LinkedIn: from n/a through 7.6.6...

8CVSS7.9AI score0.00479EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/17 8:36 a.m.20 views

CVE-2023-47683 WordPress Social Login, Social Sharing by miniOrange plugin <= 7.6.6 - Authenticated Privilege Escalation vulnerability

Improper Privilege Management vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn allows Privilege Escalation.This issue affects WordPress Social Login and Register Discord, Google, Twitter, LinkedIn: from n/a through 7.6.6...

8CVSS7AI score0.00479EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/09/06 12:0 a.m.5 views

WordPress plugin WordPress Social Login Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS6AI score0.00359EPSS
Exploits0References4
Patchstack
Patchstack
added 2023/09/06 12:0 a.m.20 views

WordPress WordPress Social Login Plugin <= 3.0.4 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Social Login Type Plugin Vulnerable versions = 3.0.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4773 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7be568b5c18c Credits Lana Codes Required...

6.4CVSS6AI score0.00359EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/08/30 3:15 p.m.31 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Miled WordPress Social Login plugin = 3.0.4 versions...

5.8CVSS6AI score0.00445EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2023/08/30 2:25 p.m.107 views

CVE-2023-34023

CVE-2023-34023: Unauth. Reflected Cross-Site Scripting (XSS) in Miled WordPress Social Login plugin, affected versions

7.1CVSS6AI score0.00445EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2023/08/30 2:12 p.m.115 views

CVE-2023-34172

CVE-2023-34172 describes an authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin WordPress Social Login (Miled WordPress Social Login) up to version ≤ 3.0.4. Root cause: stored XSS likely via admin-accessible vector in the plugin. Impact: local XSS could ...

5.9CVSS5AI score0.00439EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/08/30 12:0 a.m.4 views

WordPress plugin wordpress-social-login 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6.8AI score0.00445EPSS
Exploits1References2
Rows per page
Query Builder