VYPR

Auth0

by WordPress

Source repositories

CVEs (3)

  • CVE-2020-5391HigApr 1, 2020
    risk 0.50cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerabilities exist in the Auth0 plugin before 4.0.0 for WordPress via the domain field.

  • CVE-2019-20173MedFeb 5, 2020
    risk 0.40cvss 6.1epss 0.02

    The Auth0 wp-auth0 plugin 3.11.x before 3.11.3 for WordPress allows XSS via a wle parameter associated with wp-login.php.

  • CVE-2020-5392MedApr 1, 2020
    risk 0.33cvss 6.1epss 0.01

    A stored cross-site scripting (XSS) vulnerability exists in the Auth0 plugin before 4.0.0 for WordPress via the settings page.