Vulnerabilities > Auth0 > WP Auth0 > 3.5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-01 | CVE-2020-5392 | Cross-site Scripting vulnerability in Auth0 Wp-Auth0 A stored cross-site scripting (XSS) vulnerability exists in the Auth0 plugin before 4.0.0 for WordPress via the settings page. | 4.3 |
| 2020-04-01 | CVE-2020-5391 | Cross-Site Request Forgery (CSRF) vulnerability in Auth0 Wp-Auth0 Cross-site request forgery (CSRF) vulnerabilities exist in the Auth0 plugin before 4.0.0 for WordPress via the domain field. | 6.8 |