A plugin called “miniOrange Social Login and Register” for WordPress is not secure. This means that anyone who is not logged in can pretend to be any user on the site, like an administrator, if they know the username and the user doesn’t already have an account with the social media platform being used to log in.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
