CVE-2024-31107 – WordPress OpenID plugin <= 3.6.1 - Reflected Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-31107
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DiSo Development Team OpenID allows Reflected XSS.This issue affects OpenID: from n/a through 3.6.1. La vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web ('cross-site Scripting') en DiSo Development Team OpenID permite el XSS reflejado. Este problema afecta a OpenID: desde n/a hasta 3.6.1. The OpenID plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/openid/wordpress-openid-plugin-3-6-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-47683 – WordPress Social Login, Social Sharing by miniOrange plugin <= 7.6.6 - Authenticated Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2023-47683
Improper Privilege Management vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Privilege Escalation.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.6.6. Una vulnerabilidad de gestión de privilegios incorrecta en miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) permite la escalada de privilegios. Este problema afecta a miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): desde n/a hasta 7.6.6 . The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 7.6.6. This is due to the plugin improperly restricting user meta values that can be updated and allowing users to control a user role update during a social login through the custom registration form. • https://patchstack.com/database/vulnerability/miniorange-login-openid/wordpress-social-login-social-sharing-by-miniorange-plugin-7-6-6-authenticated-privilege-escalation-vulnerability?_s_id=cve • CWE-269: Improper Privilege Management •
CVE-2023-25455 – WordPress Social Login and Register <= 7.6.0 - Missing Authorization to Unauthenticated Arbitrary Content Deletion
https://notcve.org/view.php?id=CVE-2023-25455
The WordPress Social Login and Register plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 7.6.0. This is due to a missing capability check on the 'mo_openid_login_validate' (and possibly 'end_new_tour2' and 'mo_openid_show_apps') functions. This makes it possible for unauthenticated attackers to delete social profile data and potentially perform other tasks. • CWE-862: Missing Authorization •
CVE-2023-24375 – WordPress Social Login and Register <=7.5.12 - Missing Authorization to Plugin Settings Update
https://notcve.org/view.php?id=CVE-2023-24375
The WordPress Social Login and Register plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the mo_sharing_app_value function as well as others that are reachable via AJAX action in versions up to, and including, 7.5.12. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change plugin settings. Additionally, some AJAX actions were missing nonce checks thus making them vulnerable to Cross-Site Request Forgery. This enables unauthenticated attackers to invoke the corresponding functions, granted they can trick an administrator into performing an action such as clicking on a link. • CWE-862: Missing Authorization •
CVE-2020-26244 – Cryptographic issues in Python oic
https://notcve.org/view.php?id=CVE-2020-26244
Python oic is a Python OpenID Connect implementation. In Python oic before version 1.2.1, there are several related cryptographic issues affecting client implementations that use the library. The issues are: 1) The IdToken signature algorithm was not checked automatically, but only if the expected algorithm was passed in as a kwarg. 2) JWA `none` algorithm was allowed in all flows. 3) oic.consumer.Consumer.parse_authz returns an unverified IdToken. The verification of the token was left to the discretion of the implementator. 4) iat claim was not checked for sanity (i.e. it could be in the future). These issues are patched in version 1.2.1. • https://github.com/OpenIDC/pyoidc/commit/62f8d753fa17c8b1f29f8be639cf0b33afb02498 https://github.com/OpenIDC/pyoidc/releases/tag/1.2.1 https://github.com/OpenIDC/pyoidc/security/advisories/GHSA-4fjv-pmhg-3rfg https://pypi.org/project/oic • CWE-325: Missing Cryptographic Step CWE-347: Improper Verification of Cryptographic Signature •