MiniOrange 厂商漏洞列表 / CVE 中文分析 29

MiniOrange 厂商相关 29 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

Top products by MiniOrange:WordPress Social Login and Register WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn)Custom API for WP Malware Scanner miniOrange's Google Authenticator Prevent files / folders access Password Policy Manager miniOrange Discord Integration WordPress REST API Authentication miniorange otp verification SAML SP Single Sign On YourMembership Single Sign On miniOrange's Google Authenticator – WordPress Two Factor Authentication – 2FA , Two Factor, OTP SMS and Email | Passwordless login YourMembership Single Sign On – YM SSO Login OAuth Single Sign On – SSO (OAuth Client)LDAP Integration with Active Directory and OpenLDAP - NTLM & Kerberos Login OAuth Single Sign On Free WordPress REST API Authentication (WordPress plugin)miniOrange WordPress SAML SSO Standard miniOrange's Google Authenticator (WordPress plugin)OAuth 2.0 client for SSO (WordPress plugin)WP OAuth Server (WordPress plugin)

CVE ID	标题	CVSS	风险等级	Published
CVE-2025-68974	WordPress plugin WordPress Social Login and Register 安全漏洞 — WordPress Social Login and RegisterCWE-98	6.6	Medium	2025-12-30
CVE-2025-54745	WordPress plugin miniOranges Google Authenticator 安全漏洞 — miniOrange's Google AuthenticatorCWE-862	6.5	Medium	2025-12-18
CVE-2025-53561	WordPress plugin Prevent files / folders access 安全漏洞 — Prevent files / folders accessCWE-35	6.5	Medium	2025-08-20
CVE-2025-54048	WordPress plugin Custom API for WP SQL注入漏洞 — Custom API for WPCWE-89	9.3	Critical	2025-08-20
CVE-2025-54049	WordPress plugin Custom API for WP 安全漏洞 — Custom API for WPCWE-266	9.9	Critical	2025-08-20
CVE-2025-31019	WordPress plugin Password Policy Manager 安全漏洞 — Password Policy ManagerCWE-288	8.8	High	2025-06-09
CVE-2025-47670	WordPress plugin WordPress Social Login and Register 安全漏洞 — WordPress Social Login and RegisterCWE-98	8.1	High	2025-05-23
CVE-2025-47672	WordPress plugin miniOrange Discord Integration 安全漏洞 — miniOrange Discord IntegrationCWE-98	8.1	High	2025-05-23
CVE-2025-39545	WordPress plugin WordPress REST API Authentication 安全漏洞 — WordPress REST API AuthenticationCWE-862	5.4	Medium	2025-04-16
CVE-2023-41873	WordPress plugin SAML SP Single Sign On 安全漏洞 — SAML SP Single Sign OnCWE-862	4.3	Medium	2024-12-13
CVE-2023-37987	WordPress plugin YourMembership Single Sign On 安全漏洞 — YourMembership Single Sign OnCWE-862	6.5	Medium	2024-12-13
CVE-2023-24375	WordPress plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) 安全漏洞 — WordPress Social Login and RegisterCWE-862	3.5	Low	2024-12-09
CVE-2023-25455	WordPress plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) 安全漏洞 — WordPress Social Login and RegisterCWE-862	5.3	Medium	2024-12-09
CVE-2023-47776	WordPress plugin miniorange otp verification 安全漏洞 — miniorange otp verificationCWE-862	8.1	-	2024-12-09
CVE-2023-52176	WordPress plugin Malware Scanner 安全漏洞 — Malware ScannerCWE-290	5.3	Medium	2024-06-04
CVE-2023-47683	WordPress plugin WordPress Social Login and Register 安全漏洞 — WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn)CWE-269	8.0	High	2024-05-17
CVE-2024-25902	WordPress Plugin Malware Scanner SQL注入漏洞 — Malware ScannerCWE-89	7.6	High	2024-02-28
CVE-2022-44589	WordPress Plugin miniOrange Google Authenticator 信息泄露漏洞 — miniOrange's Google Authenticator – WordPress Two Factor Authentication – 2FA , Two Factor, OTP SMS and Email \| Passwordless loginCWE-200	8.1	High	2023-12-29
CVE-2023-37986	WordPress plugin YourMembership Single Sign On 跨站脚本漏洞 — YourMembership Single Sign On – YM SSO LoginCWE-79	5.9	Medium	2023-09-01
CVE-2022-34155	WordPress Plugin OAuth Single Sign On – SSO 授权问题漏洞 — OAuth Single Sign On – SSO (OAuth Client)CWE-287	8.8	High	2023-07-18
CVE-2023-23706	WordPress plugin WordPress Social Login and Register 跨站请求伪造漏洞 — WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn)CWE-352	4.3	Medium	2023-05-23
CVE-2023-23710	WordPress plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) 跨站脚本漏洞 — WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn)CWE-79	5.9	Medium	2023-04-25
CVE-2023-1092	WordPress plugin OAuth Single Sign On Free 跨站请求伪造漏洞 — OAuth Single Sign On Free	6.5	-	2023-03-27
CVE-2022-4496	WordPress plugin SAML SSO Standard 输入验证错误漏洞 — miniOrange WordPress SAML SSO Standard	6.1	-	2023-01-30
CVE-2023-23749	OpenLDAP 注入漏洞 — LDAP Integration with Active Directory and OpenLDAP - NTLM & Kerberos Login	7.5	-	2023-01-17
CVE-2022-45073	WordPress plugin REST API Authentication 跨站请求伪造漏洞 — WordPress REST API Authentication (WordPress plugin)CWE-352	5.4	Medium	2022-11-18
CVE-2022-42461	WordPress plugin Google Authenticator 安全漏洞 — miniOrange's Google Authenticator (WordPress plugin)CWE-264	5.4	Medium	2022-11-18
CVE-2022-34149	WordPress plugin WP OAuth Server 权限许可和访问控制问题漏洞 — WP OAuth Server (WordPress plugin)CWE-264	9.8	Critical	2022-08-22
CVE-2022-34858	WordPress plugin OAuth 访问控制错误漏洞 — OAuth 2.0 client for SSO (WordPress plugin)CWE-306	9.8	Critical	2022-08-22

本页汇总了 MiniOrange 厂商截至目前公开的全部 29 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

MiniOrange 厂商漏洞列表 / CVE 中文分析 29

目标达成感谢每一位支持者 — 我们达成了 100% 目标！