Vulnerabilities in Cyberlord92

37 results

CVE-2023-3447HIGHActive Directory Integration / LDAP Integration <= 4.1.5 - Authenticated (Subscriber+) LDAP InjectionEPSS 0.4%CVE-2024-11087HIGHminiOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) Pro Addon <= 200.3.9 - Authentication BypassEPSS 0.4%CVE-2023-2599LOWActive Directory Integration / LDAP Integration <= 4.1.4 - Cross-Site Request Forgery to SQL InjectionEPSS 0.4%CVE-2025-7665HIGHMiniorange OTP Verification with Firebase 3.1.0 - 3.6.2 - Unauthenticated Privilege EscalationEPSS 0.3%CVE-2023-46082MEDIUMWordPress Broken Link Checker | Finder plugin <= 2.4.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-10753MEDIUMOAuth Single Sign On – SSO (OAuth Client) <= 6.26.14 - Missing AuthorizationEPSS 0.3%CVE-2024-12121MEDIUMBroken Link Checker | Finder <= 2.5.0 - Authenticated (Author+) Blind Server-Side Request ForgeryEPSS 0.3%CVE-2025-10648MEDIUMLogin with YourMembership - YM SSO Login <= 1.1.7 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'moym_display_test_attributes'EPSS 0.3%CVE-2025-6003MEDIUMWordPress Single Sign-On (SSO) - Multiple Versions - Incorrect Authorization to Sensitive Information ExposureEPSS 0.3%CVE-2025-10746MEDIUMIntegrate Dynamics 365 CRM <= 1.0.9 - Missing AuthorizationEPSS 0.2%CVE-2026-1279MEDIUMEmployee Directory <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'form_title' Shortcode AttributeEPSS 0.2%CVE-2025-14948MEDIUMminiOrange OTP Verification and SMS Notification for WooCommerce <= 4.3.8 - Missing Authorization to Unauthenticated Notification Settings ModificationEPSS 0.2%CVE-2026-0725MEDIUMIntegrate Dynamics 365 CRM <= 1.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Field Mapping ConfigurationEPSS 0.2%CVE-2025-9891MEDIUMUser Sync – Remote User Sync <= 1.0.2 - Cross-Site Request Forgery to Plugin DeactivationEPSS 0.2%CVE-2025-11255MEDIUMPassword Policy Manager | Password Manager <= 2.0.5 - Missing Authorization to Authenticated (Subscriber+) Configuration Log OutEPSS 0.2%CVE-2025-12822MEDIUMWP Login and Register using JWT <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) API Key ExposureEPSS 0.2%CVE-2025-10752MEDIUMOAuth Single Sign On – SSO (OAuth Client) <= 6.26.12 - Cross-Site Request ForgeryEPSS 0.2%

← previouspage 2 / 2next →