Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

miniorange vulnerabilities and exploits

(subscribe to this query)
6.1
CVSSv3

CVE-2022-4496

The SAML SSO Standard WordPress plugin version 16.0.0 prior to 16.0.8, SAML SSO Premium WordPress plugin version 12.0.0 prior to 12.1.0 and SAML SSO Premium Multisite WordPress plugin version 20.0.0 prior to 20.0.7 does not validate that the redirect parameter to its SSO login en...
Miniorange Miniorange Wordpress Saml Sso StandardMiniorange Miniorange Wordpress Saml Sso PremiumMiniorange Miniorange Wordpress Saml Sso Premium MulsitesiteMiniorange Saml Sp Single Sign On
6.5
CVSSv3

CVE-2023-1092

The OAuth Single Sign On Free WordPress plugin prior to 6.24.2, OAuth Single Sign On Standard WordPress plugin prior to 28.4.9, OAuth Single Sign On Premium WordPress plugin prior to 38.4.9 and OAuth Single Sign On Enterprise WordPress plugin prior to 48.4.9 do not have CSRF chec...
Miniorange Oauth Single Sign On FreeMiniorange Oauth Single Sign On StandardMiniorange Oauth Single Sign On PremiumMiniorange Oauth Single Sign On EnterpriseMiniorange Oauth Single Sign On
6.5
CVSSv3

CVE-2022-3082

The miniOrange Discord Integration WordPress plugin prior to 2.1.6 does not have authorisation and CSRF in some of its AJAX actions, allowing any logged in users, such as subscriber to call them, and disable the app for example
Unknown Miniorange Discord IntegrationMiniorange Discord Integration
8.8
CVSSv3

CVE-2022-42461

Broken Access Control vulnerability in miniOrange's Google Authenticator plugin <= 5.6.1 on WordPress.
Miniorange Miniorange's Google Authenticator (wordpress Plugin)Miniorange Google Authenticator
9.8
CVSSv3

CVE-2022-34149

Authentication Bypass vulnerability in miniOrange WP OAuth Server plugin <= 3.0.4 at WordPress.
Miniorange Wp Oauth Server (wordpress Plugin)Miniorange Wp Oauth Server
5.4
CVSSv3

CVE-2021-36785

The miniorange_saml (aka Miniorange Saml) extension prior to 1.4.3 for TYPO3 allows XSS.
Miniorange Saml
4.3
CVSSv3

CVE-2023-47776

Missing Authorization vulnerability in miniOrange miniorange otp verification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects miniorange otp verification: from n/a up to and including 4.2.1.
Miniorange Miniorange Otp Verification
7.5
CVSSv3

CVE-2021-36786

The miniorange_saml (aka Miniorange Saml) extension prior to 1.4.3 for TYPO3 allows Sensitive Data Exposure of API credentials and private keys.
Miniorange Saml
8.1
CVSSv3

CVE-2025-47672

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in miniOrange miniOrange Discord Integration allows PHP Local File Inclusion. This issue affects miniOrange Discord Integration: from n/a up to and incl...
Miniorange Miniorange Discord Integration
8.8
CVSSv3

CVE-2022-45073

Cross-Site Request Forgery (CSRF) vulnerability in REST API Authentication plugin <= 2.4.0 on WordPress.
Miniorange Wordpress Rest Api Authentication (wordpress Plugin)Miniorange Wordpress Rest Api Authentication
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
jasmin ransomwareCVE-2025-6110code executionCVE-2025-21420reflected XSSCVE-2025-5336wp url shortenerCVE-2025-49113gr-5400axoverflowCVE-2025-6062letta-aiCVE-2025-50143
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook