Stored XSS Vulnerability in Login by Auth0 Plugin for WordPress
CVE-2020-6753

6.1MEDIUM

Key Information:

Vendor: Wordpress
Status: Login By Auth0
Vendor: CVE Published:; 1 April 2020

What is CVE-2020-6753?

The Login by Auth0 plugin for WordPress, versions prior to 4.0.0, is susceptible to a stored Cross-Site Scripting (XSS) vulnerability impacting multiple pages. This flaw can allow attackers to inject malicious scripts that are stored on the server, potentially compromising user data and session integrity. Users are strongly advised to update to the latest version to mitigate associated security risks.