Really Simple Security logo

Log out
Get PRO

Login with Cognito

  • Login with Cognito on WordPress.org
  • Current version: 1.5.2
  • Last update: July 19, 2024
  • Known issues: Fixed
The WordPress Login with Cognito plugin allows users to log in to a WordPress site using their AWS Cognito account credentials. It uses OAuth protocol for single sign-on and also covers user authentication. The plugin supports auto-creation of users, account linking, attribute mapping, and login widgets. It also allows users to log in without an SSL or HTTPS enabled site.

This information is sourced from wpvulnerabilities.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Submit

Vulnerabilities

  • Input validation vulnerability in Login with Cognito 1.4.8

    Fixed

    The Login with Cognito plugin for WordPress can be hacked by people with administrator-level access. This means they can insert dangerous code into pages on your website which can be executed when som...

    Read More

  • Authentication vulnerability in Login with Cognito 1.4.6

    Fixed

    The Login with Cognito plugin for WordPress is a tool that helps people log in to their WordPress sites. Unfortunately, versions of the plugin up to and including 1.4.6 have a security flaw that make...

    Read More

  • Input validation vulnerability in 4 plugins by miniorange

    Fixed

    Multiple miniorange Plugins for WordPress have a security vulnerability which can allow unauthenticated attackers to inject malicious code into webpages. This happens when the 'appId' parameter is not...

    Read More