CVE-2024-10020
- EPSS 0.46%
- Veröffentlicht 06.11.2024 07:15:03
- Zuletzt bearbeitet 08.11.2024 21:19:58
The Heateor Social Login WordPress plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.1.35. This is due to insufficient verification on the user being returned by the social login token. This makes it ...
CVE-2024-35706
- EPSS 0.17%
- Veröffentlicht 08.06.2024 15:15:54
- Zuletzt bearbeitet 21.11.2024 09:20:42
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Team Heateor Heateor Social Login allows Cross-Site Scripting (XSS).This issue affects Heateor Social Login: from n/a through 1.1.32.
CVE-2024-35707
- EPSS 0.14%
- Veröffentlicht 08.06.2024 14:15:08
- Zuletzt bearbeitet 21.11.2024 09:20:42
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Team Heateor Heateor Social Login allows Stored XSS.This issue affects Heateor Social Login: from n/a through 1.1.32.
CVE-2024-32674
- EPSS 0.25%
- Veröffentlicht 08.05.2024 04:15:09
- Zuletzt bearbeitet 04.06.2025 17:23:08
Heateor Social Login WordPress prior to 1.1.32 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product.
CVE-2024-24712
- EPSS 0.08%
- Veröffentlicht 10.02.2024 08:15:07
- Zuletzt bearbeitet 21.11.2024 08:59:33
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Heateor Heateor Social Login WordPress allows Stored XSS.This issue affects Heateor Social Login WordPress: from n/a through 1.1.30.