Woocommerce Social Login Security Vulnerabilities and Issues — Woocommerce Social Login CVE List

Lucene search

WpwebeliteWoocommerce Social Login

3 matches found

CVE•added 2024/06/15 4:15 a.m.•52 views

CVE-2024-5871

The WooCommerce - Social Login plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.6.2 via deserialization of untrusted input from the 'woo_slg_verify' vulnerable parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. N...

9.8CVSS9.7AI score0.03895EPSS

CVE•added 2024/07/20 8:15 a.m.•36 views

CVE-2024-6636

The WooCommerce - Social Login plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'woo_slg_login_email' function in all versions up to, and including, 2.7.3. This makes it possible for unauthenticated attackers to change the default role...

9.8CVSS9.3AI score0.02851EPSS

CVE•added 2024/08/12 1:38 p.m.•30 views

CVE-2024-7503

The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.5. This is due to the use of loose comparison of the activation code in the 'woo_slg_confirm_email_user' function. This makes it possible for unauthenticated attackers to...

9.8CVSS9.7AI score0.03438EPSS