Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Login by auth0'
2020-04-01
CVE-2020-7948
NVD-CWE-Other
An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. A user can perform an insecure direct object reference.
CVE-2020-7947
CWE-74
An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. It has numerous fields that can contain data that is pulled from different sources. One issue with this is that the data isn't sanitized, and no input validation is performed, before the exporting of the user data. This can lead to (at least) CSV injection if a crafted Excel document is uploaded.
CVE-2020-6753
CWE-79
The Login by Auth0 plugin before 4.0.0 for WordPress allows stored XSS on multiple pages, a different issue than CVE-2020-5392.
2020-02-05
CVE-2019-20173
CWE-79
The Auth0 wp-auth0 plugin 3.11.x before 3.11.3 for WordPress allows XSS via a wle parameter associated with wp-login.php.
>>>
Vendor:
Auth0
12
Products
Auth0.js
Aspnet
Aspnet-owin
Passport-sharepoint
Jsonwebtoken
LOCK
Login by auth0
Wp-auth0
Express-jwt
Auth0
Nextjs-auth0
Express openid connect
Copyright
2024
, cxsecurity.com
Back to Top
Vulnerabilities for 'Login by auth0' 