Cross-site request forgery (CSRF) vulnerabilities exist in the Auth0 plugin before 4.0.0 for WordPress via the domain field.
8.8CVSS
9.5AI Score
0.002EPSS
A stored cross-site scripting (XSS) vulnerability exists in the Auth0 plugin before 4.0.0 for WordPress via the settings page.
6.1CVSS
6.8AI Score
0.001EPSS