Woocommerce Social Login Security Vulnerabilities and Issues — Woocommerce Social Login CVE List

Lucene search

WpwebeliteWoocommerce Social Login

3 matches found

CVE•added 2024/07/20 8:15 a.m.•49 views

CVE-2024-6637

The WooCommerce - Social Login plugin for WordPress is vulnerable to unauthenticated privilege escalation in all versions up to, and including, 2.7.3. This is due to a lack of brute force controls on a weak one-time password. This makes it possible for unauthenticated attackers to brute force the o...

7.3CVSS7.4AI score0.00854EPSS

CVE•added 2024/07/20 8:15 a.m.•47 views

CVE-2024-6635

The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.3. This is due to insufficient controls in the 'woo_slg_login_email' function. This makes it possible for unauthenticated attackers to log in as any existing user on the ...

7.3CVSS7.3AI score0.00897EPSS

CVE•added 2024/07/20 8:15 a.m.•36 views

CVE-2024-6636

The WooCommerce - Social Login plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'woo_slg_login_email' function in all versions up to, and including, 2.7.3. This makes it possible for unauthenticated attackers to change the default role...

9.8CVSS9.3AI score0.02851EPSS