Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google login vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-47683
Improper Privilege Management vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Privilege Escalation.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a up to and including...
NA
CVE-2023-23349
Kaspersky has fixed a security issue in Kaspersky Password Manager (KPM) for Windows that allowed a local user to recover the auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue, an attacker must trick a user into visi...
NA
CVE-2024-29033
OAuthenticator provides plugins for JupyterHub to use common OAuth providers, as well as base classes for writing one's own Authenticators with any OAuth 2.0 provider. `GoogleOAuthenticator.hosted_domain` is used to restrict what Google accounts can be authorized access to a...
NA
CVE-2024-1176
The HT Easy GA4 – Google Analytics WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the login() function in all versions up to, and including, 1.1.5. This makes it possible for unauthenticated mali...
NA
CVE-2024-28239
Directus is a real-time API and App dashboard for managing SQL database content. The authentication API has a `redirect` parameter that can be exploited as an open redirect vulnerability as the user tries to log in via the API URL. There's a redirect that is done after succe...
NA
CVE-2022-44589
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in miniOrange miniOrange's Google Authenticator – WordPress Two Factor Authentication – 2FA , Two Factor, OTP SMS and Email | Passwordless login.This issue affects miniOrange's Google A...
Miniorange Google Authenticator
NA
CVE-2023-48654
One Identity Password Manager prior to 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape seque...
Oneidentity Password Manager
NA
CVE-2023-41936
Jenkins Google Login Plugin 1.7 and previous versions uses a non-constant time comparison function when checking whether the provided and expected token are equal, potentially allowing malicious users to use statistical methods to obtain a valid token.
Jenkins Google Login
NA
CVE-2023-39848
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
70 Github repositories
NA
CVE-2023-2982
The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 7.6.4. This is due to insufficient encryption on the user being supplied during a login validated through the...
Miniorange Wordpress Social Login And Register \\(discord\\, Google\\, Twitter\\, Linkedin\\)
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »