Vulnerabilities > Miniorange > Google Authenticator > 5.6.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-29 | CVE-2022-44589 | Unspecified vulnerability in Miniorange Google Authenticator Exposure of Sensitive Information to an Unauthorized Actor vulnerability in miniOrange miniOrange's Google Authenticator – WordPress Two Factor Authentication – 2FA , Two Factor, OTP SMS and Email | Passwordless login.This issue affects miniOrange's Google Authenticator – WordPress Two Factor Authentication – 2FA , Two Factor, OTP SMS and Email | Passwordless login: from n/a through 5.6.1. | 7.5 |
| 2023-10-20 | CVE-2022-4943 | Missing Authorization vulnerability in Miniorange Google Authenticator The miniOrange's Google Authenticator plugin for WordPress is vulnerable to authorization bypass due to a missing capability check when changing plugin settings in versions up to, and including, 5.6.5. | 5.3 |
| 2022-11-18 | CVE-2022-42461 | Unspecified vulnerability in Miniorange Google Authenticator Broken Access Control vulnerability in miniOrange's Google Authenticator plugin <= 5.6.1 on WordPress. | 8.8 |