auth0/wordpress Security Advisories (5)
-
[MEDIUM] Auth0 WordPress has Improper Audience Validation via Auth0-PHP SDK Dependency
PKSA-q26s-yhsm-92t7 GHSA-vvg7-8rmq-92g7
Affected version: >=5.0.0-BETA0,<=5.4.0
Reported by:
GitHub -
[LOW] Auth0 Wordpress plugin Does Not Properly Handle File Types in Bulk User Import
PKSA-82rv-h1ph-c98y GHSA-w22c-pw5m-482x
Affected version: >5.0.0-BETA0,<=5.3.0
Reported by:
GitHub -
[CRITICAL] Auth0 Wordpress Plugin vulnerable to Deserialization of Untrusted Data
PKSA-tf6w-nm47-cmpt GHSA-862m-5253-832r
Affected version: >=5.0.0-BETA0,<=5.0.1
Reported by:
GitHub -
[CRITICAL] Auth0 Wordpress plugin Vulnerable to Brute Force Authentication Tags of CookieStore Sessions
PKSA-gs7k-12gv-v33r GHSA-2f4r-34m4-3w8q
Affected version: <5.3.0
Reported by:
GitHub -
[MEDIUM] Login by Auth0 plugin for WordPress vulnerable to Reflected Cross-Site Scripting
PKSA-xkct-3k26-sc19 CVE-2023-6813 GHSA-x6p7-44rh-m3rr
Affected version: <=4.6.0
Reported by:
GitHub