CVE-2023-24375
CVSS 3.1 Score 3.5 of 10 (low)
Details
Published Dec 9, 2024
CWE ID 862
Summary
CVE-2023-24375 is a Missing Authorization vulnerability affecting the miniOrange WordPress Social Login and Register plugins, specifically those used for Discord, Google, Twitter, and LinkedIn integrations. This issue arises due to incorrectly configured access control security levels, enabling attackers to exploit the flaw and gain unauthorized access. The vulnerability impacts versions of the plugin from n/a through 7.5.14.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share