Filter

Software

miniorange active directory integration \/ ldap integration
6
miniorange google authenticator
6
miniorange oauth single sign on
4
miniorange otp verification with firebase wordpress
3
miniorange saml sp single sign on
3
miniorange wordpress social login and register \(discord\, google\, twitter\, linkedin\)
3
miniorange saml
2
miniorange staff \/ employee business directory for active directory
2
miniorange web3 - crypto wallet login \& nft token gating
2
miniorange discord integration wordpress
1
miniorange ldap integration with active directory and openldap
1
miniorange limit login attempts
1
miniorange login using wordpress users
1
miniorange login with cognito
1
miniorange login with otp over sms\, email\, whatsapp and google authenticator
1
miniorange malware scanner
1
miniorange oauth 2.0 client for sso
1
miniorange prevent files \/ folders access
1
miniorange web application firewall wordpress
1
miniorange wordpress rest api authentication
1
miniorange wordpress security
1

MiniOrange OAuth 2.0 Client for SSOWordPress OAuth 2.0 client for SSO plugin <= 1.11.3 - Authentication Bypass vulnerability

critical
9.8
First published (updated )
CVE-2022-34858

WP OAuth ServerWordPress WP OAuth Server plugin <= 3.0.4 - Authentication Bypass vulnerability

critical
9.8
First published (updated )
CVE-2022-34149

Miniorange Google AuthenticatorWordPress miniOrange's Google Authenticator plugin <= 5.6.1 - Broken Access Control vulnerability

high
8.8
First published (updated )
CVE-2022-42461

MiniOrange WordPress REST API AuthenticationWordPress REST API Authentication plugin <= 2.4.0 - Cross-Site Request Forgery (CSRF) vulnerability

high
8.8
First published (updated )
CVE-2022-45073

MiniOrange OAuth 2.0 Client for SSOOAuth Single Sign On - SSO (OAuth Client) < 6.24.2 - IdP Discard via CSRF

medium
6.5
First published (updated )
CVE-2023-1093

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

MiniOrange OAuth 2.0 Client for SSOOAuth Single Sign On - SSO (OAuth Client) - IdP Deletion via CSRF

medium
6.5
First published (updated )
CVE-2023-1092

MiniOrange Active Directory Integration / LDAP IntegrationThe Active Directory Integration / LDAP Integration plugin for WordPress is vulnerable to LDAP Passb…

medium
6.5
First published (updated )
CVE-2023-4506

Miniorange Staff / Employee Business Directory For Active DirectoryThe Staff / Employee Business Directory for Active Directory plugin for WordPress is vulnerable to L…

medium
4.9
First published (updated )
CVE-2023-4505

Miniorange OTP Verification with Firebase WordPressMiniorange OTP Verification with Firebase <= 3.6.0 - Unauthenticated Arbitrary User Password Change

critical
9.8
EPSS
0.06%
First published (updated )
CVE-2024-9862

Miniorange OTP Verification with Firebase WordPressMiniorange OTP Verification with Firebase <= 3.6.0 - Authentication Bypass

high
8.1
EPSS
0.06%
First published (updated )
CVE-2024-9861

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

MiniOrange Active Directory Integration / LDAP IntegrationActive Directory Integration / LDAP Integration < 4.1.1 - Unauthenticated Data Disclosure

high
7.5
First published (updated )
CVE-2023-0812

miniOrange WordPress Social Login and RegisterWordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Plugin <= 7.5.14 is vulnerable to Cross Site Request Forgery (CSRF)

high
8.8
First published (updated )
CVE-2023-23706

MiniOrange Active Directory Integration / LDAP IntegrationSQL Injection

high
7.2
First published (updated )
CVE-2023-2484

MiniOrange Active Directory Integration / LDAP IntegrationCSRF, SQL Injection

medium
6.5
First published (updated )
CVE-2023-2599

Miniorange Web3 - Crypto Wallet Login & Nft Token GatingThe Web3 – Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to authenticati…

critical
9.8
First published (updated )
CVE-2023-3249

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

miniOrange WordPress Social Login and RegisterThe WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is…

critical
9.8
First published (updated )
CVE-2023-2982

MiniOrange Active Directory Integration / LDAP IntegrationThe Active Directory Integration / LDAP Integration plugin for WordPress is vulnerable to LDAP Injec…

high
8.6
First published (updated )
CVE-2023-3447

MiniOrange Active Directory Integration / LDAP IntegrationActive Directory Integration < 4.1.10 - Unauthenticated Log Disclosure

high
7.5
First published (updated )
CVE-2023-5003

MiniOrange Prevent Files / Folders AccessPrevent files / folders access < 2.5.2 - Admin+ Arbitrary File Upload

high
7.2
First published (updated )
CVE-2023-4238

Miniorange Login With CognitoLogin with Cognito <= 1.4.8 - Admin+ Stored XSS

medium
4.8
First published (updated )
CVE-2022-4200

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Miniorange OTP Verification with Firebase WordPressMiniorange OTP Verification with Firebase <= 3.6.0 - Privilege Escalation via Registration due to Administrator Default User Role Value

critical
9.8
EPSS
0.06%
First published (updated )
CVE-2024-9863

Miniorange Web3 - Crypto Wallet Login & Nft Token GatingWeb3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass

critical
9.8
First published (updated )
CVE-2023-6036

MiniOrange OAuth 2.0 Client for SSOWordPress OAuth Single Sign On – SSO (OAuth Client) Plugin <= 6.23.3 is vulnerable to Broken Authentication

high
8.8
First published (updated )
CVE-2022-34155

Miniorange Web Application Firewall for WordpressWeb Application Firewall <= 2.1.2 - IP Address Spoofing to Protection Mechanism Bypass

medium
5.3
First published (updated )
CVE-2022-4539

miniOrange SAML SP Single Sign OnXSS

medium
6.1
First published (updated )
CVE-2019-12346

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

miniOrange SAML SP Single Sign OnXSS

medium
6.1
First published (updated )
CVE-2020-6850

MiniOrange Active Directory Integration / LDAP IntegrationExtension - miniorange - LDAP Integration - LDAP Injection (username)

high
7.5
First published (updated )
CVE-2023-23749

MiniOrange SAMLThe miniorange_saml (aka Miniorange Saml) extension before 1.4.3 for TYPO3 allows Sensitive Data Exp…

high
7.5
First published (updated )
CVE-2021-36786

MiniOrange SAMLXSS

medium
5.4
First published (updated )
CVE-2021-36785

Miniorange Google AuthenticatorWordPress miniOrange's Google Authenticator Plugin <= 5.6.1 is vulnerable to Sensitive Data Exposure

high
8.1
First published (updated )
CVE-2022-44589

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203