Vulnerability Description
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.5.14 versions.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Miniorange | Wordpress Social Login And Register \(Discord\, Google\, Twitter\, Linkedin\) | < 7.6.0 |
Related Weaknesses (CWE)
References
- https://patchstack.com/database/vulnerability/miniorange-login-openid/wordpress-Third Party Advisory
- https://patchstack.com/database/vulnerability/miniorange-login-openid/wordpress-Third Party Advisory
FAQ
What is CVE-2023-23710?
CVE-2023-23710 is a vulnerability with a CVSS score of 5.9 (MEDIUM). Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.5.14 versions.
How severe is CVE-2023-23710?
CVE-2023-23710 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-23710?
Check the references section above for vendor advisories and patch information. Affected products include: Miniorange Wordpress Social Login And Register \(Discord\, Google\, Twitter\, Linkedin\).