Vulnerabilities > Wpo365 > Wordpress Azure AD Microsoft Office 365
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-19 | CVE-2021-43409 | Cross-site Scripting vulnerability in Wpo365 Wordpress + Azure AD / Microsoft Office 365 The “WPO365 | LOGIN” WordPress plugin (up to and including version 15.3) by wpo365.com is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). | 4.3 |
| 2020-10-02 | CVE-2020-26511 | Unspecified vulnerability in Wpo365 Wordpress + Azure AD / Microsoft Office 365 The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. | 5.0 |