GCVE - cpe:2.3:a:miniorange:wordpress_social_login_and

Approved changes feed: RSS · Atom

cpe:2.3:a:miniorange:wordpress_social_login_and_register:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Miniorange (`30ca830e-0f9b-52a7-9359-14c31196f049`)
Product	Wordpress Social Login And Register (`56b23a06-cd50-57c6-81dd-ff85688200a1`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-68974`	vulnerable	2026-06-03 15:11:04.291328	WordPress WordPress Social Login and Register plugin <= 7.7.0 - Local File Inclusion vulnerability MEDIUM (6.6) Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion.This issue affects WordPress Social Login and Register: from n/a through <= 7.7.0. Published: 2025-12-30T10:47:47.632Z Updated: 2026-04-28T16:14:33.450Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/miniorange-login-openid/vulnerability/wordpress-wordpress-social-login-and-register-plugin-7-7-0-local-file-inclusion-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-47670`	vulnerable	2026-06-03 15:01:33.212880	WordPress Social Login and Register plugin <= 7.6.10 - Local File Inclusion Vulnerability HIGH (8.1) Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion.This issue affects WordPress Social Login and Register: from n/a through <= 7.6.10. Published: 2025-05-23T12:43:21.642Z Updated: 2026-04-28T16:12:49.087Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/miniorange-login-openid/vulnerability/wordpress-wordpress-social-login-and-register-7-6-9-local-file-inclusion-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-24375`	vulnerable	2026-06-03 14:49:29.568572	WordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.5.14 - Broken Access Control vulnerability LOW (3.5) Missing Authorization vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.5.14. Published: 2024-12-09T11:31:41.294Z Updated: 2026-04-28T16:08:05.219Z Open on db.gcve.eu Reference links https://patchstack.com/database/wordpress/plugin/miniorange-login-openid/vulnerability/wordpress-wordpress-social-login-and-register-discord-google-twitter-linkedin-plugin-7-5-14-broken-access-control?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Wordpress Social Login And Register

PURL mappings

Vulnerability references

Contribute