
Mattmarji

#18230 of 53,632
14.9 Total CVSS
Vulnerabilities · 2
Medium: 1
High: 1

PT-2020-18450
8.8
2020-04-01
Auth0 · Auth0 Plugin For Wordpress · CVE-2020-5391

**Name of the Vulnerable Software and Affected Versions**
Auth0 plugin for WordPress versions prior to 4.0.0

**Description**
The issue is related to cross-site request forgery (CSRF) vulnerabilities. These vulnerabilities exist in the Auth0 plugin for WordPress, specifically via the `domain` field.

**Recommendations**
For versions prior to 4.0.0, update to version 4.0.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the `domain` field to minimize the risk of exploitation.

PT-2020-18451
6.1
2020-04-01
Auth0 · Auth0 Plugin For Wordpress · CVE-2020-5392

**Name of the Vulnerable Software and Affected Versions**
Auth0 plugin for WordPress versions prior to 4.0.0

**Description**
A stored cross-site scripting (XSS) issue exists in the Auth0 plugin for WordPress via the settings page. This allows for malicious scripts to be stored and executed, potentially leading to unauthorized actions.

**Recommendations**
For versions prior to 4.0.0, update to version 4.0.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the settings page to minimize the risk of exploitation.