Vulnerabilities > Miniorange > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-21 | CVE-2022-0229 | Missing Authorization vulnerability in Miniorange Google Authenticator The miniOrange's Google Authenticator WordPress plugin before 5.5 does not have proper authorisation and CSRF checks when handling the reconfigureMethod, and does not validate the parameters passed to it properly. | 8.1 |
| 2021-08-13 | CVE-2021-36786 | Insecure Storage of Sensitive Information vulnerability in Miniorange Saml The miniorange_saml (aka Miniorange Saml) extension before 1.4.3 for TYPO3 allows Sensitive Data Exposure of API credentials and private keys. | 7.5 |