CVE-2023-25455

Name of the Vulnerable Software and Affected Versions miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) versions 7.6.0 and earlier

Description The issue is related to a Missing Authorization vulnerability, which allows exploitation due to incorrectly configured access control security levels.

Recommendations For versions 7.6.0 and earlier, update to a version later than 7.6.0 to resolve the issue. As a temporary workaround, consider reviewing and correcting the access control security levels configuration to minimize the risk of exploitation.