exploitDog

CVE-2023-25455

Опубликовано: 09 дек. 2024

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

Missing Authorization vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.6.0.

Ссылки

https://patchstack.com/database/wordpress/plugin/miniorange-login-openid/vulnerability/wordpress-wordpress-social-login-and-register-discord-google-twitter-linkedin-plugin-7-6-0-arbitrary-content-deletion-vulnerability?_s_id=cve

EPSS

Процентиль: 26%

0.00087

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-862

Связанные уязвимости

GHSA-pmr4-rq5x-jpmj

CVSS3: 5.3

github

около 1 года назад

Missing Authorization vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.6.0.

EPSS

Процентиль: 26%

0.00087

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-862