Vulnerabilidades en miniOrange
31 resultadosCVE-2022-34858CRITICALWordPress OAuth 2.0 client for SSO plugin <= 1.11.3 - Authentication Bypass vulnerabilityEPSS 1.3%CVE-2022-34149CRITICALWordPress WP OAuth Server plugin <= 3.0.4 - Authentication Bypass vulnerabilityEPSS 1.0%CVE-2022-34155HIGHWordPress OAuth Single Sign On – SSO (OAuth Client) Plugin <= 6.23.3 is vulnerable to Broken AuthenticationEPSS 1.0%CVE-2023-25455MEDIUMWordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.6.0 - Arbitrary Content Deletion vulnerabilityEPSS 0.7%CVE-2022-44589HIGHWordPress miniOrange's Google Authenticator Plugin <= 5.6.1 is vulnerable to Sensitive Data ExposureEPSS 0.7%CVE-2022-42461MEDIUMWordPress miniOrange's Google Authenticator plugin <= 5.6.1 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2022-4496MEDIUMminiOrange WordPress SAML SSO multiple versions - Open Redirect in SSO loginEPSS 0.6%CVE-2023-23749HIGHExtension - miniorange - LDAP Integration - LDAP Injection (username)EPSS 0.6%CVE-2024-25902HIGHWordPress Malware Scanner Plugin <= 4.7.2 is vulnerable to SQL InjectionEPSS 0.5%CVE-2025-31019HIGHWordPress Password Policy Manager plugin <= 2.0.4 - Account Takeover vulnerabilityEPSS 0.5%CVE-2023-37987MEDIUMWordPress YourMembership Single Sign On plugin <= 1.1.3 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-47683HIGHWordPress Social Login, Social Sharing by miniOrange plugin <= 7.6.6 - Authenticated Privilege Escalation vulnerabilityEPSS 0.5%CVE-2023-1092MEDIUMOAuth Single Sign On - SSO (OAuth Client) - IdP Deletion via CSRFEPSS 0.4%CVE-2025-47670HIGHWordPress Social Login and Register plugin <= 7.6.10 - Local File Inclusion VulnerabilityEPSS 0.4%CVE-2025-47672HIGHWordPress miniOrange Discord Integration plugin <= 2.2.2 - Local File Inclusion VulnerabilityEPSS 0.4%CVE-2025-39545MEDIUMWordPress REST API Authentication plugin <= 3.6.3 - Settings Change VulnerabilityEPSS 0.4%CVE-2023-24375LOWWordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.5.14 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-68974MEDIUMWordPress WordPress Social Login and Register plugin <= 7.7.0 - Local File Inclusion vulnerabilityEPSS 0.4%CVE-2023-52176MEDIUMWordPress Malware Scanner plugin <= 4.7.1 - IP Restriction Bypass vulnerabilityEPSS 0.4%CVE-2023-41873MEDIUMWordPress SAML Single Sign On – SSO Login plugin <= 5.0.4 - Broken Access Control vulnerabilityEPSS 0.4%