Vulnerabilities > Auth0 > WP Auth0

DATE CVE VULNERABILITY TITLE RISK
2020-04-01 CVE-2020-5392 Cross-site Scripting vulnerability in Auth0 Wp-Auth0
A stored cross-site scripting (XSS) vulnerability exists in the Auth0 plugin before 4.0.0 for WordPress via the settings page.
network
low complexity
auth0 CWE-79
6.1
2020-04-01 CVE-2020-5391 Cross-Site Request Forgery (CSRF) vulnerability in Auth0 Wp-Auth0
Cross-site request forgery (CSRF) vulnerabilities exist in the Auth0 plugin before 4.0.0 for WordPress via the domain field.
network
low complexity
auth0 CWE-352
8.8