How severe is CVE-2024-11087?

High severity. CVSS v3 base score is 8.1 out of 10.

Auth bypass in Cyberlord92 Miniorange Social Login And Register (Discord, Google, Twitter, Linkedin)

CVE-2024-11087

The miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) Pro Addon plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 200.3.9. This is due to insufficient verification on…

Vulnerability class: Broken Authentication

EPSS: 0.001 (16.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Cyberlord92 Miniorange Social Login And Register (Discord, Google, Twitter, Linkedin) — versions 0

Weakness classification (CWE)

CWE-287 — Improper Authentication

References

Frequently asked questions

What is CVE-2024-11087?: CVE-2024-11087 is a high-severity vulnerability in Cyberlord92 Miniorange Social Login And Register (Discord, Google, Twitter, Linkedin), classified under Improper Authentication. CVSS score: 8.1/10. Published 2025-03-08.
How severe is CVE-2024-11087?: High severity. CVSS v3 base score is 8.1 out of 10.