miniorange vulnerabilities and exploits

(subscribe to this query)

Improper Authentication vulnerability in miniOrange OAuth Single Sign On – SSO (OAuth Client) plugin allows Authentication Bypass.This issue affects OAuth Single Sign On – SSO (OAuth Client): from n/a up to and including 6.23.3.

Miniorange Oauth Single Sign On – Sso (oauth Client)Miniorange Oauth Single Sign On

Authentication Bypass vulnerability in miniOrange OAuth 2.0 client for SSO plugin <= 1.11.3 at WordPress.

Miniorange Oauth 2.0 Client For Sso (wordpress Plugin)Miniorange Oauth 2.0 Client For Sso

The Google Authenticator WordPress plugin prior to 1.0.5 does not have CSRF check when saving its settings, and does not sanitise as well as escape them, allowing malicious users to make a logged in admin change them and perform Cross-Site Scripting attacks

Unknown Google Authenticator Miniorange Google Authenticator

The Malware Scanner WordPress plugin prior to 4.5.2 does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfiltered_html is disallowed (for examp...

Unknown Malware Scanner Miniorange Malware Scanner

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in miniOrange miniOrange's Google Authenticator – WordPress Two Factor Authentication – 2FA , Two Factor, OTP SMS and Email | Passwordless login.This issue affects miniOrange's Google A...

Miniorange Miniorange's Google Authenticator – Wordpress Two Factor Authentication – 2fa , Two Factor, Otp Sms And Email | Passwordless Login Miniorange Google Authenticator

The miniOrange's Google Authenticator WordPress plugin prior to 5.5 does not have proper authorisation and CSRF checks when handling the reconfigureMethod, and does not validate the parameters passed to it properly. As a result, unauthenticated users could delete arbitrary o...

Unknown Miniorange's Google Authenticator Miniorange Google Authenticator

The miniOrange's Google Authenticator plugin for WordPress is vulnerable to authorization bypass due to a missing capability check when changing plugin settings in versions up to, and including, 5.6.5. This makes it possible for unauthenticated malicious users to change the ...

Cyberlord92 Miniorange's Google Authenticator – Wordpress Two Factor Authentication – 2fa , Two Factor, Otp Sms And Email | Passwordless Login Miniorange Google Authenticator

The Limit Login Attempts WordPress plugin prior to 4.0.72 does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfiltered_html is disallowed (for...

Unknown Limit Login Attempts Miniorange Limit Login Attempts

In the miniOrange SAML SP Single Sign On plugin prior to 4.8.73 for WordPress, the SAML Login Endpoint is vulnerable to XSS via a specially crafted SAMLResponse XML post.

Miniorange Saml Sp Single Sign On

The Login with Cognito WordPress plugin up to and including 1.4.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for exa...

Unknown Login With Cognito Miniorange Login With Cognito

« PREV 1 2 3 4 5 6 7 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook