Filter
AND

Software

miniorange oauth single sign on
3
miniorange saml sp single sign on
3
miniorange active directory integration \/ ldap integration
2
miniorange google authenticator
2
miniorange staff \/ employee business directory for active directory
2
miniorange discord integration wordpress
1
miniorange limit login attempts
1
miniorange login using wordpress users
1
miniorange login with cognito
1
miniorange login with otp over sms\, email\, whatsapp and google authenticator
1
miniorange malware scanner
1
miniorange saml
1
miniorange web application firewall wordpress
1
miniorange wordpress security
1
miniorange wordpress social login and register \(discord\, google\, twitter\, linkedin\)
1

MiniOrange OAuth 2.0 Client for SSOOAuth Single Sign On - SSO (OAuth Client) < 6.24.2 - IdP Discard via CSRF

medium
6.5
First published (updated )
CVE-2023-1093

MiniOrange OAuth 2.0 Client for SSOOAuth Single Sign On - SSO (OAuth Client) - IdP Deletion via CSRF

medium
6.5
First published (updated )
CVE-2023-1092

MiniOrange Active Directory Integration / LDAP IntegrationThe Active Directory Integration / LDAP Integration plugin for WordPress is vulnerable to LDAP Passb…

medium
6.5
First published (updated )
CVE-2023-4506

Miniorange Staff / Employee Business Directory For Active DirectoryThe Staff / Employee Business Directory for Active Directory plugin for WordPress is vulnerable to L…

medium
4.9
First published (updated )
CVE-2023-4505

MiniOrange Active Directory Integration / LDAP IntegrationCSRF, SQL Injection

medium
6.5
First published (updated )
CVE-2023-2599

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Miniorange Login With CognitoLogin with Cognito <= 1.4.8 - Admin+ Stored XSS

medium
4.8
First published (updated )
CVE-2022-4200

Miniorange Web Application Firewall for WordpressWeb Application Firewall <= 2.1.2 - IP Address Spoofing to Protection Mechanism Bypass

medium
5.3
First published (updated )
CVE-2022-4539

miniOrange SAML SP Single Sign OnXSS

medium
6.1
First published (updated )
CVE-2019-12346

miniOrange SAML SP Single Sign OnXSS

medium
6.1
First published (updated )
CVE-2020-6850

MiniOrange SAMLXSS

medium
5.4
First published (updated )
CVE-2021-36785

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

miniOrange SAML SP Single Sign OnminiOrange WordPress SAML SSO multiple versions - Open Redirect in SSO login

medium
6.1
First published (updated )
CVE-2022-4496

miniOrange Discord Integration WordPressminiOrange Discord Integration < 2.1.6 - Subscriber+ App Disabling

medium
6.5
First published (updated )
CVE-2022-3082

MiniOrange OAuth 2.0 Client for SSOOAuth Single Sign On < 6.22.6 - Authentication Bypass

medium
5.3
First published (updated )
CVE-2022-2133

Miniorange Login With Otp Over Sms, Email, Whatsapp And Google AuthenticatorGoogle Authenticator < 1.0.8 - Admin+ Stored Cross-Site Scripting

medium
4.8
First published (updated )
CVE-2022-1994

miniorange Malware ScannerminiOrange's Malware Scanner < 4.5.2 - Admin+ Stored Cross-Site Scripting

medium
4.8
First published (updated )
CVE-2022-1995

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Miniorange Google AuthenticatorminiOrange's Google Authenticator < 5.5.6 - Admin+ Stored Cross-Site Scripting

medium
4.8
First published (updated )
CVE-2022-1321

MiniOrange Limit Login AttemptsLimit Login Attempts < 4.0.72 - Admin+ Stored Cross-Site Scripting

medium
4.8
First published (updated )
CVE-2022-1029

MiniOrange WordPress SecurityWordPress Security < 4.2.1 - Admin+ Stored Cross-Site Scripting

medium
4.8
First published (updated )
CVE-2022-1028

Miniorange Login Using Wordpress UsersLogin using WordPress Users < 1.13.4 - Admin+ Stored Cross-Site Scripting

medium
4.8
First published (updated )
CVE-2022-1010

Miniorange Google AuthenticatorminiOrange Google Authenticator < 1.0.5 - CSRF to Stored Cross-Site Scripting

medium
4.3
First published (updated )
CVE-2022-0875

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

miniOrange WordPress Social Login and RegisterWordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.5.14 is vulnerable to Cross Site Scripting (XSS)

medium
5.9
First published (updated )
CVE-2023-23710

Miniorange Staff / Employee Business Directory For Active DirectoryStaff / Employee Business Directory for Active Directory < 1.2.3 - Improper escaping of LDAP entries

medium
5.4
First published (updated )
CVE-2023-4757

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203