Auth0 · Auth0-PHP · CVE-2026-34236
Affected versions: Auth0-PHP 8.0.0 through 8.18.0
Description: The Auth0-PHP SDK uses insufficient entropy for cookie encryption. This could allow attackers to brute-force the encryption key and forge session cookies. This affects applications using Auth0-PHP versions 8.0.0 through 8.18.0, as well as applications using Auth0/symfony, Auth0/laravel-auth0, or Auth0/wordpress, which rely on the Auth0-PHP SDK.
Recommendations: Upgrade Auth0/Auth0-PHP to version 8.19.0 or greater.
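
A check for the affected range above, added here as an example and not taken from the advisory or from Auth0's code: it reads a composer.lock, reports whether the locked SDK version falls in 8.0.0 through 8.18.0, and lists the packages that pull the SDK in. It assumes the SDK is installed under the Composer package name auth0/auth0-php; the sample lock content and the package example/framework-bridge are constructed.

```python
import json
import re

SDK = "auth0/auth0-php"      # assumed Composer package name of the Auth0-PHP SDK
FIRST_AFFECTED = (8, 0, 0)   # affected range as stated in the advisory
FIRST_FIXED = (8, 19, 0)     # fixed release as stated in the advisory

def parse_version(raw):
    """Return (major, minor, patch), or None for non-numeric refs such as dev-main."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", raw)
    return tuple(int(p) for p in m.groups()) if m else None

def audit_lock(lock_text):
    """Inspect composer.lock content: SDK status plus the packages that require it."""
    lock = json.loads(lock_text)
    packages = (lock.get("packages") or []) + (lock.get("packages-dev") or [])
    result = {"installed": None, "status": "not-installed", "required_by": []}
    for pkg in packages:
        if pkg.get("name", "").lower() == SDK:
            result["installed"] = pkg.get("version")
            ver = parse_version(pkg.get("version", ""))
            if ver is None:
                result["status"] = "unknown"  # branch or commit ref: check by hand
            elif FIRST_AFFECTED <= ver < FIRST_FIXED:
                result["status"] = "affected"
            else:
                result["status"] = "not-affected"
        elif SDK in {k.lower() for k in pkg.get("require", {})}:
            result["required_by"].append(pkg["name"])
    return result

# Constructed sample lock file (not from a real project).
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "auth0/auth0-php", "version": "8.11.1"},
        {"name": "example/framework-bridge", "version": "1.2.0",
         "require": {"auth0/auth0-php": "^8.0"}},
        {"name": "psr/log", "version": "3.0.0", "require": {"php": ">=8.0"}},
    ],
    "packages-dev": [],
})

if __name__ == "__main__":
    print(audit_lock(SAMPLE_LOCK))
```

A non-empty required_by list shows which dependency has to allow 8.19.0 or greater before the SDK upgrade can resolve.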