exploitDog

CVE-2023-24375

Опубликовано: 09 дек. 2024

Источник: nvd

CVSS3: 3.5

EPSS Низкий

Описание

Missing Authorization vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.5.14.

Ссылки

https://patchstack.com/database/wordpress/plugin/miniorange-login-openid/vulnerability/wordpress-wordpress-social-login-and-register-discord-google-twitter-linkedin-plugin-7-5-14-broken-access-control?_s_id=cve

EPSS

Процентиль: 27%

0.00094

Низкий

3.5 Low

CVSS3

Дефекты

CWE-862

Связанные уязвимости

GHSA-8rr9-98f9-jfm4

CVSS3: 3.5

github

около 1 года назад

Missing Authorization vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.5.14.

EPSS

Процентиль: 27%

0.00094

Низкий

3.5 Low

CVSS3

Дефекты

CWE-862