WordPress Plugin Vulnerabilities
Login by Auth0 < 4.0.0 - Multiple Vulnerabilities
Description
CVE-2020-5391 - CSRF controls missing for domain field
CVE-2020-5392 - Stored XSS in Settings page
CVE-2020-6753 - Stored XSS in multiple pages
CVE-2020-7947 - CSV injection vulnerabilities
CVE-2020-7948 - Insecure direct object reference
Affects Plugins
Fixed in 4.0.0 References
Miscellaneous
Verified
No
WPVDB ID
Timeline
Publicly Published
2020-04-01 (about 6 years ago)
Added
2020-04-01 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)
WPScan 