Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1
CVE-2021-43409
- EPSS 1.32%
- Published 19.11.2021 16:15:08
- Last modified 21.11.2024 06:29:11
The “WPO365 | LOGIN” WordPress plugin (up to and including version 15.3) by wpo365.com is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). Persistent XSS vulnerabilities occur when the ap...
7.5
CVE-2020-26511
- EPSS 0.54%
- Published 02.10.2020 05:15:12
- Last modified 21.11.2024 05:19:56
The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass.
1