CVE-2020-5392

CVE-2020-5392

EPSS 1.3%

A stored cross-site scripting (XSS) vulnerability exists in the Auth0 plugin before 4.0.0 for WordPress via the settings page.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://auth0.com/docs/security/bulletins/2020-03-31_wpauth0 https://github.com/auth0/wp-auth0/releases https://github.com/auth0/wp-auth0/security/advisories/GHSA-59vf-cgfw-6h6v