miniOrange’s WordPress Social Login and Register plugin was affected by a critical auth bypass bug | allinfosecnews.com

June 30, 2023, 4:03 a.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

A critical authentication bypass flaw in miniOrange’s WordPress Social Login and Register plugin, can allow gaining access to any account on a site. Wordfence researchers discovered an authentication bypass vulnerability in miniOrange’s WordPress Social Login and Register plugin, that can allow an unauthenticated attacker to gain access to any account on a site by knowing the associated email […]

The post miniOrange’s WordPress Social Login and Register plugin was affected by a critical auth bypass bug appeared first on Security …

access account auth authentication authentication bypass authentication bypass flaw breaking news bug bypass critical flaw hacking information security news it information security login pierluigi paganini plugin register researchers social vulnerability wordfence wordpress

More from securityaffairs.co / Security Affairs

North Korea-linked IT workers infiltrated hundreds of US firms 9 hours ago | securityaffairs.co

arizona breaking news charged charges +15

Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs 1 day, 3 hours ago | securityaffairs.co

apt backdoor backdoors breach +18

City of Wichita disclosed a data breach after the recent ransomware attack 1 day, 11 hours ago | securityaffairs.co

attack breach breaking news city +19

CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog 1 day, 14 hours ago | securityaffairs.co

agency binding operational directive bod breaking news +24

CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog 1 day, 15 hours ago | securityaffairs.co

agency breaking news catalog chrome +35

North Korea-linked Kimsuky APT attack targets victims via Messenger 1 day, 17 hours ago | securityaffairs.co

accounts agency amp analysis +32

Electronic prescription provider MediSecure impacted by a ransomware attack 2 days, 3 hours ago | securityaffairs.co

attack australia breaking news cyber +26

Google fixes seventh actively exploited Chrome zero-day this year, the third in a week 2 days, 11 hours ago | securityaffairs.co

actively exploited address attacks breaking news +26

Santander: a data breach at a third-party provider impacted customers and employees 2 days, 15 hours ago | securityaffairs.co

aware bank breach breaking news +18

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

COMM Penetration Tester (PenTest-2), Chantilly, VA OS&CI Job #368

@ Allen Integrated Solutions | Chantilly, Virginia, United States

View on infosec-jobs.com

Consultant Sécurité SI H/F Gouvernance - Risques - Conformité

@ Hifield | Sèvres, France

View on infosec-jobs.com

Infrastructure Consultant

@ Telefonica Tech | Belfast, United Kingdom

View on infosec-jobs.com