Update the WordPress miniOrange's Google Authenticator plugin to the latest available version (at least 5.6.2).
Lana Codes discovered and reported this Broken Access Control vulnerability in WordPress miniOrange's Google Authenticator Plugin. This vulnerability has been fixed in version 5.6.2.
Factor Authentication plugin <= 5.6.1 Sensitive Data Exposure vulnerability
7.0
23.11.2022
Reflected CrossSite Scripting (XSS) vulnerability
6.1
27.06.2022
Authenticated Stored CrossSite Scripting (XSS) vulnerability
4.8
06.06.2022
Unauthenticated Arbitrary Options Deletion vulnerability
6.5
28.02.2022
Successfully submit vulnerabilities and receive an invite to our Alliance platform.
Learn more
Close
miniOrange's Google Authenticator
LinkedIn
Facebook
Twitter
Join Discord
