The Login by Auth0 plugin prior to 4.0.0 for WordPress allows stored XSS on multiple pages, a different issue than CVE-2020-5392.
auth0 login by auth0