
    10 vulnerabilities by WPO365

    CVE-2025-1488 (GCVE-0-2025-1488)

    Vulnerability from nvd – Published: 2025-02-24 11:10 – Updated: 2026-04-08 16:46
    Title
    WPO365 | MICROSOFT 365 GRAPH MAILER <= 3.2 - Open Redirect via 'redirect_to' Parameter
    Summary
    The WPO365 | MICROSOFT 365 GRAPH MAILER plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 3.2. This is due to insufficient validation of the redirect URL supplied via the 'redirect_to' parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites, provided that (1) they can trick a user into performing an action (such as following a crafted link) and (2) the plugin is activated but has not yet been configured.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
    Assigner
    Impacted products
    Vendor Product Version
    wpo365 WPO365 | MICROSOFT 365 GRAPH MAILER Affected: 0 , ≤ 3.2 (semver)
    Credits
    Krzysztof Zając

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-1488",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-24T12:46:47.799172Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-24T12:47:14.566Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WPO365 | MICROSOFT 365 GRAPH MAILER",
              "vendor": "wpo365",
              "versions": [
                {
                  "lessThanOrEqual": "3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Krzysztof Zaj\u0105c"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The WPO365 | MICROSOFT 365 GRAPH MAILER plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 3.2. This is due to insufficient validation on the redirect url supplied via the \u0027redirect_to\u0027 parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if 1. they can successfully trick them into performing an action and 2. the plugin is activated but not configured."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-601",
                  "description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:46:57.099Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3a1782c3-ae0b-42f1-aa5e-dabfa2a5bbcd?source=cve"
            },
            {
              "url": "https://wordpress.org/plugins/wpo365-msgraphmailer/#developers"
            },
            {
              "url": "https://www.wpo365.com/change-log/"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3244747/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-02-23T22:53:02.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "WPO365 | MICROSOFT 365 GRAPH MAILER \u003c= 3.2 - Open Redirect via \u0027redirect_to\u0027 Parameter"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-1488",
        "datePublished": "2025-02-24T11:10:08.896Z",
        "dateReserved": "2025-02-19T21:57:31.462Z",
        "dateUpdated": "2026-04-08T16:46:57.099Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-4706 (GCVE-0-2024-4706)

    Vulnerability from nvd – Published: 2024-05-23 07:31 – Updated: 2026-04-08 16:56
    Title
    WordPress + Microsoft Office 365 / Azure AD | LOGIN <= 27.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via pintra Shortcode
    Summary
    The WordPress + Microsoft Office 365 / Azure AD | LOGIN plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pintra' shortcode in all versions up to, and including, 27.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Credits
    Matthew Rollings

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-4706",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-23T14:32:24.298352Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:54:12.585Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T20:47:41.704Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/602a8030-087b-459f-b649-b4116404cf3e?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/3090428/wpo365-login"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WPO365 | SEAMLESS WORDPRESS + MICROSOFT INTEGRATION (WPO365 | LOGIN)",
              "vendor": "wpo365",
              "versions": [
                {
                  "lessThanOrEqual": "27.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Matthew Rollings"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The WordPress + Microsoft Office 365 / Azure AD | LOGIN plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s \u0027pintra\u0027 shortcode in all versions up to, and including, 27.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:56:29.400Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/602a8030-087b-459f-b649-b4116404cf3e?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3090428/wpo365-login"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-05-09T00:00:00.000Z",
              "value": "Vendor Notified"
            },
            {
              "lang": "en",
              "time": "2024-05-22T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "WordPress + Microsoft Office 365 / Azure AD | LOGIN \u003c= 27.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via pintra Shortcode"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-4706",
        "datePublished": "2024-05-23T07:31:25.706Z",
        "dateReserved": "2024-05-09T19:34:21.961Z",
        "dateUpdated": "2026-04-08T16:56:29.400Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-32119 (GCVE-0-2023-32119)

    Vulnerability from nvd – Published: 2023-08-23 12:41 – Updated: 2026-04-28 16:08
    Title
    WordPress WPO365 | Mail Integration for Office 365 / Outlook Plugin <= 1.9.0 is vulnerable to Cross Site Scripting (XSS)
    Summary
    Unauthenticated reflected Cross-Site Scripting (XSS) vulnerability in the WPO365 | Mail Integration for Office 365 / Outlook plugin, affecting versions 1.9.0 and earlier (fixed in 1.9.1).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Credits
    Nguyen Xuan Chien (Patchstack Alliance)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.268Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://patchstack.com/database/vulnerability/mail-integration-365/wordpress-wpo365-mail-integration-for-office-365-outlook-plugin-1-9-0-cross-site-scripting-xss-vulnerability?_s_id=cve"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32119",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-25T14:31:41.111170Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-25T14:38:09.987Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "mail-integration-365",
              "product": "WPO365 | Mail Integration for Office 365 / Outlook",
              "vendor": "WPO365",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "1.9.1",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "1.9.0",
                  "status": "affected",
                  "version": "n/a",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nguyen Xuan Chien (Patchstack Alliance)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPO365 | Mail Integration for Office 365 / Outlook plugin \u003c=\u003cspan style=\"background-color: var(--wht);\"\u003e\u00a01.9.0 versions.\u003c/span\u003e"
                }
              ],
              "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPO365 | Mail Integration for Office 365 / Outlook plugin \u003c=\u00a01.9.0 versions."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-591",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-591 Reflected XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:08:22.009Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/vulnerability/mail-integration-365/wordpress-wpo365-mail-integration-for-office-365-outlook-plugin-1-9-0-cross-site-scripting-xss-vulnerability?_s_id=cve"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to\u00a01.9.1 or a higher version."
                }
              ],
              "value": "Update to\u00a01.9.1 or a higher version."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "WordPress WPO365 | Mail Integration for Office 365 / Outlook Plugin \u003c= 1.9.0 is vulnerable to Cross Site Scripting (XSS)",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2023-32119",
        "datePublished": "2023-08-23T12:41:15.378Z",
        "dateReserved": "2023-05-03T15:31:08.029Z",
        "dateUpdated": "2026-04-28T16:08:22.009Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2021-43409 (GCVE-0-2021-43409)

    Vulnerability from nvd – Published: 2021-11-19 15:39 – Updated: 2024-09-17 00:11
    Title
    WPO365 | LOGIN - Wordpress Plugin Persistent Cross-Site Scripting
    Summary
    The “WPO365 | LOGIN” WordPress plugin (up to and including version 15.3) by wpo365.com is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). Persistent XSS occurs when the application stores client-supplied data and later retrieves and renders it without proper handling of dangerous content; it is exploited by submitting malicious script content that is then retrieved and executed in the browsers of other application users. An attacker could use this to conduct a range of attacks against users of the affected application, such as session hijacking, account takeover and access to sensitive data. In this case the XSS payload can be submitted by any anonymous user, and it renders and executes when a WordPress administrator authenticates and accesses the WordPress Dashboard. The injected payload can carry out actions on behalf of the administrator, including adding other administrative users and changing application settings, so this flaw could ultimately give the attacker full control of the affected system. Note that the affected-product entry in this record lists versions below 15.3 as affected (i.e. 15.3 as the fixed release), which conflicts with the “up to and including 15.3” wording above; confirm the fixed version against the vendor change log before relying on either.
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    References
    Impacted products
    Date Public
    2021-10-13 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:55:29.263Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.wpo365.com/change-log/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://appcheck-ng.com/wordpress-microsoft-office-365-azure-ad-login-persistent-cross-site-scripting/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WordPress + Microsoft Office 365 / Azure AD | LOGIN",
              "vendor": "wpo365.com",
              "versions": [
                {
                  "lessThan": "15.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-10-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The \u201cWPO365 | LOGIN\u201d WordPress plugin (up to and including version 15.3) by wpo365.com is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). Persistent XSS vulnerabilities occur when the application stores and retrieves client supplied data without proper handling of dangerous content. This type of XSS vulnerability is exploited by submitting malicious script content to the application which is then retrieved and executed by other application users. The attacker could exploit this to conduct a range of attacks against users of the affected application such as session hijacking, account take over and accessing sensitive data. In this case, the XSS payload can be submitted by any anonymous user, the payload then renders and executes when a WordPress administrator authenticates and accesses the WordPress Dashboard. The injected payload can carry out actions on behalf of the administrator including adding other administrative users and changing application settings. This flaw could be exploited to ultimately provide full control of the affected system to the attacker."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-22T20:20:33.000Z",
            "orgId": "2c188fdb-58e1-4908-8fce-3e437b94f1ae",
            "shortName": "AppCheck"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.wpo365.com/change-log/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://appcheck-ng.com/wordpress-microsoft-office-365-azure-ad-login-persistent-cross-site-scripting/"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "WPO365 | LOGIN - Wordpress Plugin Persistent Cross-Site Scripting",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@appcheck-ng.com",
              "DATE_PUBLIC": "2021-10-13T11:00:00.000Z",
              "ID": "CVE-2021-43409",
              "STATE": "PUBLIC",
              "TITLE": "WPO365 | LOGIN - Wordpress Plugin Persistent Cross-Site Scripting"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WordPress + Microsoft Office 365 / Azure AD | LOGIN",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "15.3"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "wpo365.com"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The \u201cWPO365 | LOGIN\u201d WordPress plugin (up to and including version 15.3) by wpo365.com is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). Persistent XSS vulnerabilities occur when the application stores and retrieves client supplied data without proper handling of dangerous content. This type of XSS vulnerability is exploited by submitting malicious script content to the application which is then retrieved and executed by other application users. The attacker could exploit this to conduct a range of attacks against users of the affected application such as session hijacking, account take over and accessing sensitive data. In this case, the XSS payload can be submitted by any anonymous user, the payload then renders and executes when a WordPress administrator authenticates and accesses the WordPress Dashboard. The injected payload can carry out actions on behalf of the administrator including adding other administrative users and changing application settings. This flaw could be exploited to ultimately provide full control of the affected system to the attacker."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.wpo365.com/change-log/",
                  "refsource": "MISC",
                  "url": "https://www.wpo365.com/change-log/"
                },
                {
                  "name": "https://appcheck-ng.com/wordpress-microsoft-office-365-azure-ad-login-persistent-cross-site-scripting/",
                  "refsource": "MISC",
                  "url": "https://appcheck-ng.com/wordpress-microsoft-office-365-azure-ad-login-persistent-cross-site-scripting/"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2c188fdb-58e1-4908-8fce-3e437b94f1ae",
        "assignerShortName": "AppCheck",
        "cveId": "CVE-2021-43409",
        "datePublished": "2021-11-19T15:39:00.854Z",
        "dateReserved": "2021-11-05T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:11:29.060Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-26511 (GCVE-0-2020-26511)

    Vulnerability from nvd – Published: 2020-10-02 04:04 – Updated: 2024-08-04 15:56
    Summary
    The wpo365-login plugin before v11.7 for WordPress allows a JWT token to be processed using a symmetric algorithm, which leads to an authentication bypass. The record carries no CWE or CVSS data; see the referenced changeset (2388992) and the vendor change log for the fix.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T15:56:04.498Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.wpo365.com/change-log/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/2388992/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/wpo365-login/#developers"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wpvulndb.com/vulnerabilities/10418"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-06T11:49:33.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.wpo365.com/change-log/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://plugins.trac.wordpress.org/changeset/2388992/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wordpress.org/plugins/wpo365-login/#developers"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wpvulndb.com/vulnerabilities/10418"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-26511",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.wpo365.com/change-log/",
                  "refsource": "MISC",
                  "url": "https://www.wpo365.com/change-log/"
                },
                {
                  "name": "https://plugins.trac.wordpress.org/changeset/2388992/",
                  "refsource": "MISC",
                  "url": "https://plugins.trac.wordpress.org/changeset/2388992/"
                },
                {
                  "name": "https://wordpress.org/plugins/wpo365-login/#developers",
                  "refsource": "MISC",
                  "url": "https://wordpress.org/plugins/wpo365-login/#developers"
                },
                {
                  "name": "https://wpvulndb.com/vulnerabilities/10418",
                  "refsource": "MISC",
                  "url": "https://wpvulndb.com/vulnerabilities/10418"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-26511",
        "datePublished": "2020-10-02T04:04:01.000Z",
        "dateReserved": "2020-10-02T00:00:00.000Z",
        "dateUpdated": "2024-08-04T15:56:04.498Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-1488 (GCVE-0-2025-1488)

    Vulnerability from cvelistv5 – Published: 2025-02-24 11:10 – Updated: 2026-04-08 16:46
    VLAI
    Title
    WPO365 | MICROSOFT 365 GRAPH MAILER <= 3.2 - Open Redirect via 'redirect_to' Parameter
    Summary
    The WPO365 | MICROSOFT 365 GRAPH MAILER plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 3.2. This is due to insufficient validation of the redirect URL supplied via the 'redirect_to' parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if 1. they can successfully trick them into performing an action and 2. the plugin is activated but not configured.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
    Assigner
    Impacted products
    Vendor Product Version
    wpo365 WPO365 | MICROSOFT 365 GRAPH MAILER Affected: 0 , ≤ 3.2 (semver)
    Credits
    Krzysztof Zając

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-1488",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-24T12:46:47.799172Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-24T12:47:14.566Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WPO365 | MICROSOFT 365 GRAPH MAILER",
              "vendor": "wpo365",
              "versions": [
                {
                  "lessThanOrEqual": "3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Krzysztof Zaj\u0105c"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The WPO365 | MICROSOFT 365 GRAPH MAILER plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 3.2. This is due to insufficient validation on the redirect url supplied via the \u0027redirect_to\u0027 parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if 1. they can successfully trick them into performing an action and 2. the plugin is activated but not configured."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-601",
                  "description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:46:57.099Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3a1782c3-ae0b-42f1-aa5e-dabfa2a5bbcd?source=cve"
            },
            {
              "url": "https://wordpress.org/plugins/wpo365-msgraphmailer/#developers"
            },
            {
              "url": "https://www.wpo365.com/change-log/"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3244747/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-02-23T22:53:02.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "WPO365 | MICROSOFT 365 GRAPH MAILER \u003c= 3.2 - Open Redirect via \u0027redirect_to\u0027 Parameter"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-1488",
        "datePublished": "2025-02-24T11:10:08.896Z",
        "dateReserved": "2025-02-19T21:57:31.462Z",
        "dateUpdated": "2026-04-08T16:46:57.099Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-4706 (GCVE-0-2024-4706)

    Vulnerability from cvelistv5 – Published: 2024-05-23 07:31 – Updated: 2026-04-08 16:56
    VLAI
    Title
    WordPress + Microsoft Office 365 / Azure AD | LOGIN <= 27.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via pintra Shortcode
    Summary
    The WordPress + Microsoft Office 365 / Azure AD | LOGIN plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pintra' shortcode in all versions up to, and including, 27.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Credits
    Matthew Rollings

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-4706",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-23T14:32:24.298352Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:54:12.585Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T20:47:41.704Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/602a8030-087b-459f-b649-b4116404cf3e?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/3090428/wpo365-login"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WPO365 | SEAMLESS WORDPRESS + MICROSOFT INTEGRATION (WPO365 | LOGIN)",
              "vendor": "wpo365",
              "versions": [
                {
                  "lessThanOrEqual": "27.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Matthew Rollings"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The WordPress + Microsoft Office 365 / Azure AD | LOGIN plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s \u0027pintra\u0027 shortcode in all versions up to, and including, 27.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:56:29.400Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/602a8030-087b-459f-b649-b4116404cf3e?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3090428/wpo365-login"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-05-09T00:00:00.000Z",
              "value": "Vendor Notified"
            },
            {
              "lang": "en",
              "time": "2024-05-22T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "WordPress + Microsoft Office 365 / Azure AD | LOGIN \u003c= 27.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via pintra Shortcode"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-4706",
        "datePublished": "2024-05-23T07:31:25.706Z",
        "dateReserved": "2024-05-09T19:34:21.961Z",
        "dateUpdated": "2026-04-08T16:56:29.400Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-32119 (GCVE-0-2023-32119)

    Vulnerability from cvelistv5 – Published: 2023-08-23 12:41 – Updated: 2026-04-28 16:08
    VLAI
    Title
    WordPress WPO365 | Mail Integration for Office 365 / Outlook Plugin <= 1.9.0 is vulnerable to Cross Site Scripting (XSS)
    Summary
    Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in WPO365 | Mail Integration for Office 365 / Outlook plugin versions <= 1.9.0.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Credits
    Nguyen Xuan Chien (Patchstack Alliance)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:03:29.268Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://patchstack.com/database/vulnerability/mail-integration-365/wordpress-wpo365-mail-integration-for-office-365-outlook-plugin-1-9-0-cross-site-scripting-xss-vulnerability?_s_id=cve"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-32119",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-25T14:31:41.111170Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-25T14:38:09.987Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "mail-integration-365",
              "product": "WPO365 | Mail Integration for Office 365 / Outlook",
              "vendor": "WPO365",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "1.9.1",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "1.9.0",
                  "status": "affected",
                  "version": "n/a",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nguyen Xuan Chien (Patchstack Alliance)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPO365 | Mail Integration for Office 365 / Outlook plugin \u003c=\u003cspan style=\"background-color: var(--wht);\"\u003e\u00a01.9.0 versions.\u003c/span\u003e"
                }
              ],
              "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPO365 | Mail Integration for Office 365 / Outlook plugin \u003c=\u00a01.9.0 versions."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-591",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-591 Reflected XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:08:22.009Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/vulnerability/mail-integration-365/wordpress-wpo365-mail-integration-for-office-365-outlook-plugin-1-9-0-cross-site-scripting-xss-vulnerability?_s_id=cve"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to\u00a01.9.1 or a higher version."
                }
              ],
              "value": "Update to\u00a01.9.1 or a higher version."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "WordPress WPO365 | Mail Integration for Office 365 / Outlook Plugin \u003c= 1.9.0 is vulnerable to Cross Site Scripting (XSS)",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2023-32119",
        "datePublished": "2023-08-23T12:41:15.378Z",
        "dateReserved": "2023-05-03T15:31:08.029Z",
        "dateUpdated": "2026-04-28T16:08:22.009Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2021-43409 (GCVE-0-2021-43409)

    Vulnerability from cvelistv5 – Published: 2021-11-19 15:39 – Updated: 2024-09-17 00:11
    VLAI
    Title
    WPO365 | LOGIN - WordPress Plugin Persistent Cross-Site Scripting
    Summary
    The “WPO365 | LOGIN” WordPress plugin (up to and including version 15.3) by wpo365.com is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). Persistent XSS vulnerabilities occur when the application stores and retrieves client-supplied data without proper handling of dangerous content. This type of XSS vulnerability is exploited by submitting malicious script content to the application, which is then retrieved and executed by other application users. The attacker could exploit this to conduct a range of attacks against users of the affected application, such as session hijacking, account takeover and accessing sensitive data. In this case, the XSS payload can be submitted by any anonymous user; the payload then renders and executes when a WordPress administrator authenticates and accesses the WordPress Dashboard. The injected payload can carry out actions on behalf of the administrator, including adding other administrative users and changing application settings. This flaw could be exploited to ultimately provide full control of the affected system to the attacker.
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    References
    Impacted products
    Date Public
    2021-10-13 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:55:29.263Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.wpo365.com/change-log/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://appcheck-ng.com/wordpress-microsoft-office-365-azure-ad-login-persistent-cross-site-scripting/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WordPress + Microsoft Office 365 / Azure AD | LOGIN",
              "vendor": "wpo365.com",
              "versions": [
                {
                  "lessThan": "15.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-10-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The \u201cWPO365 | LOGIN\u201d WordPress plugin (up to and including version 15.3) by wpo365.com is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). Persistent XSS vulnerabilities occur when the application stores and retrieves client supplied data without proper handling of dangerous content. This type of XSS vulnerability is exploited by submitting malicious script content to the application which is then retrieved and executed by other application users. The attacker could exploit this to conduct a range of attacks against users of the affected application such as session hijacking, account take over and accessing sensitive data. In this case, the XSS payload can be submitted by any anonymous user, the payload then renders and executes when a WordPress administrator authenticates and accesses the WordPress Dashboard. The injected payload can carry out actions on behalf of the administrator including adding other administrative users and changing application settings. This flaw could be exploited to ultimately provide full control of the affected system to the attacker."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-22T20:20:33.000Z",
            "orgId": "2c188fdb-58e1-4908-8fce-3e437b94f1ae",
            "shortName": "AppCheck"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.wpo365.com/change-log/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://appcheck-ng.com/wordpress-microsoft-office-365-azure-ad-login-persistent-cross-site-scripting/"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "WPO365 | LOGIN - Wordpress Plugin Persistent Cross-Site Scripting",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@appcheck-ng.com",
              "DATE_PUBLIC": "2021-10-13T11:00:00.000Z",
              "ID": "CVE-2021-43409",
              "STATE": "PUBLIC",
              "TITLE": "WPO365 | LOGIN - Wordpress Plugin Persistent Cross-Site Scripting"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WordPress + Microsoft Office 365 / Azure AD | LOGIN",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "15.3"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "wpo365.com"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The \u201cWPO365 | LOGIN\u201d WordPress plugin (up to and including version 15.3) by wpo365.com is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). Persistent XSS vulnerabilities occur when the application stores and retrieves client supplied data without proper handling of dangerous content. This type of XSS vulnerability is exploited by submitting malicious script content to the application which is then retrieved and executed by other application users. The attacker could exploit this to conduct a range of attacks against users of the affected application such as session hijacking, account take over and accessing sensitive data. In this case, the XSS payload can be submitted by any anonymous user, the payload then renders and executes when a WordPress administrator authenticates and accesses the WordPress Dashboard. The injected payload can carry out actions on behalf of the administrator including adding other administrative users and changing application settings. This flaw could be exploited to ultimately provide full control of the affected system to the attacker."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.wpo365.com/change-log/",
                  "refsource": "MISC",
                  "url": "https://www.wpo365.com/change-log/"
                },
                {
                  "name": "https://appcheck-ng.com/wordpress-microsoft-office-365-azure-ad-login-persistent-cross-site-scripting/",
                  "refsource": "MISC",
                  "url": "https://appcheck-ng.com/wordpress-microsoft-office-365-azure-ad-login-persistent-cross-site-scripting/"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2c188fdb-58e1-4908-8fce-3e437b94f1ae",
        "assignerShortName": "AppCheck",
        "cveId": "CVE-2021-43409",
        "datePublished": "2021-11-19T15:39:00.854Z",
        "dateReserved": "2021-11-05T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:11:29.060Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-26511 (GCVE-0-2020-26511)

    Vulnerability from cvelistv5 – Published: 2020-10-02 04:04 – Updated: 2024-08-04 15:56
    Summary
    The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T15:56:04.498Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.wpo365.com/change-log/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/2388992/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/wpo365-login/#developers"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wpvulndb.com/vulnerabilities/10418"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-06T11:49:33.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.wpo365.com/change-log/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://plugins.trac.wordpress.org/changeset/2388992/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wordpress.org/plugins/wpo365-login/#developers"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wpvulndb.com/vulnerabilities/10418"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-26511",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.wpo365.com/change-log/",
                  "refsource": "MISC",
                  "url": "https://www.wpo365.com/change-log/"
                },
                {
                  "name": "https://plugins.trac.wordpress.org/changeset/2388992/",
                  "refsource": "MISC",
                  "url": "https://plugins.trac.wordpress.org/changeset/2388992/"
                },
                {
                  "name": "https://wordpress.org/plugins/wpo365-login/#developers",
                  "refsource": "MISC",
                  "url": "https://wordpress.org/plugins/wpo365-login/#developers"
                },
                {
                  "name": "https://wpvulndb.com/vulnerabilities/10418",
                  "refsource": "MISC",
                  "url": "https://wpvulndb.com/vulnerabilities/10418"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-26511",
        "datePublished": "2020-10-02T04:04:01.000Z",
        "dateReserved": "2020-10-02T00:00:00.000Z",
        "dateUpdated": "2024-08-04T15:56:04.498Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }