Vulnerabilities > Simple JWT Login Project > Simple JWT Login
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-27 | CVE-2021-24998 | Use of Insufficiently Random Values vulnerability in Simple JWT Login Project Simple JWT Login The Simple JWT Login WordPress plugin before 3.3.0 can be used to create new WordPress user accounts with a randomly generated password. | 7.5 |
| 2021-11-17 | CVE-2021-24804 | Cross-Site Request Forgery (CSRF) vulnerability in Simple JWT Login Project Simple JWT Login The Simple JWT Login WordPress plugin before 3.2.1 does not have nonce checks when saving its settings, allowing attackers to make a logged in admin changed them. | 6.8 |