CVE-2020-5392

Name of the Vulnerable Software and Affected Versions Auth0 plugin for WordPress versions prior to 4.0.0

Description A stored cross-site scripting (XSS) issue exists in the Auth0 plugin for WordPress via the settings page. This allows for malicious scripts to be stored and executed, potentially leading to unauthorized actions.

Recommendations For versions prior to 4.0.0, update to version 4.0.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the settings page to minimize the risk of exploitation.