Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how miniorange compares to other vendors in security performance

View Risk Score →

Software

miniorange miniorange 2fa drupal
6
miniorange active directory integration \/ ldap integration wordpress
4
miniorange google authenticator
4
miniorange malware scanner
4
miniorange active directory integration / ldap integration
3
miniorange google authenticator wordpress
3
miniorange oauth 2.0 client for sso
3
miniorange saml sp single sign on
3
miniorange wordpress social login and register \(discord\, google\, twitter\, linkedin\) wordpress
3
miniorange custom api for wp
2
miniorange otp verification with firebase
2
miniorange otp verification with firebase wordpress
2
miniorange page restriction wordpress
2
miniorange prevent files / folders access
2
miniorange saml
2
miniorange saml sso - service provider drupal
2
miniorange wordpress social login and register
2
miniorange wordpress social login and register (miniorange-login-openid)
2
miniorange discord integration
1
miniorange google authenticator plugin
1
miniorange limit login attempts
1
miniorange login using wordpress users
1
miniorange login with cognito
1
miniorange login with otp over sms, email, whatsapp and google authenticator
1
miniorange malware scanner wordpress
1
miniorange miniorange otp verification with firebase
1
miniorange oauth 2.0 client for sso wordpress
1
miniorange oauth single sign on wordpress
1
miniorange password policy manager
1
miniorange social login and register pro addon
1
miniorange social login wordpress
1
miniorange staff \/ employee business directory for active directory wordpress
1
miniorange web application firewall
1
miniorange web application firewall wordpress
1
miniorange web3 - crypto wallet login & nft token gating
1
miniorange web3 - crypto wallet login \& nft token gating wordpress
1
miniorange wordpress rest api authentication
1
miniorange wordpress rest api authentication wordpress
1
miniorange wordpress saml single sign on – sso login
1
miniorange wordpress security
1
miniorange wordpress social login, social sharing
1
miniorange wp oauth server wordpress
1

miniOrange Saml Sso - Service Provider DrupalSAML SSO - Service Provider - Critical - Authentication bypass - SA-CONTRIB-2026-031

Risk 56
Severity
7.4
First published (updated )
CVE-2026-5343

Drupal SAML SSO - Service ProviderSAML SSO - Service Provider - Critical - Cross-site scripting - SA-CONTRIB-2026-018

Risk 38
Severity
6.1
First published (updated )
CVE-2026-3217

miniOrange Google AuthenticatorWordPress miniOrange's Google Authenticator Plugin <= 6.1.1 - Broken Access Control Vulnerability

Risk 38
Severity
6.5
First published (updated )
CVE-2025-54745

miniOrange OTP Verification with FirebaseMiniorange OTP Verification with Firebase 3.1.0 - 3.6.2 - Unauthenticated Privilege Escalation

Risk 75
Severity
8.1
First published (updated )
CVE-2025-7665

miniOrange Prevent files / folders accessWordPress Prevent files / folders access Plugin <= 2.6.0 - Path Traversal Vulnerability

Risk 38
Severity
6.5
First published (updated )
CVE-2025-53561
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

miniOrange Custom API for WPWordPress Custom API for WP <= 4.2.2 - SQL Injection Vulnerability

Risk 61
Severity
9.3
First published (updated )
CVE-2025-54048

miniOrange Custom API for WPWordPress Custom API for WP <= 4.2.2 - Privilege Escalation Vulnerability

Risk 82
Severity
9.9
First published (updated )
CVE-2025-54049

miniOrange Miniorange 2fa DrupalEnterprise MFA - TFA for Drupal - Critical - Access bypass - SA-CONTRIB-2025-082

Risk 23
Severity
4.8
EPSS
0.05%
First published (updated )
CVE-2025-6675

miniOrange Password Policy ManagerWordPress Password Policy Manager plugin <= 2.0.4 - Account Takeover vulnerability

Risk 79
Severity
8.8
First published (updated )
CVE-2025-31019

miniOrange WordPress Social Login and RegisterWordPress Social Login and Register plugin <= 7.6.10 - Local File Inclusion Vulnerability

Risk 54
Severity
8.1
EPSS
0.15%
First published (updated )
CVE-2025-47670
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

miniOrange Miniorange 2fa DrupalEnterprise MFA - TFA for Drupal - Critical - Access bypass - SA-CONTRIB-2025-056

Risk 41
Severity
7.4
EPSS
0.05%
First published (updated )
CVE-2025-47710

miniOrange Miniorange 2fa DrupalEnterprise MFA - TFA for Drupal - Critical - Access bypass - SA-CONTRIB-2025-055

Risk 28
Severity
6.5
EPSS
0.03%
First published (updated )
CVE-2025-47709

miniOrange Miniorange 2fa DrupalEnterprise MFA - TFA for Drupal - Critical - Cross Site Request Forgery - SA-CONTRIB-2025-054

Risk 56
Severity
8.8
EPSS
0.02%
First published (updated )
CVE-2025-47708

miniOrange Miniorange 2fa DrupalEnterprise MFA - TFA for Drupal - Moderately critical - Access bypass - SA-CONTRIB-2025-053

Risk 31
Severity
7.5
EPSS
0.05%
First published (updated )
CVE-2025-47707

miniOrange Miniorange 2fa DrupalEnterprise MFA - TFA for Drupal - Moderately critical - Access bypass - SA-CONTRIB-2025-052

Risk 23
Severity
4.8
EPSS
0.04%
First published (updated )
CVE-2025-47706
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

miniOrange WordPress REST API AuthenticationWordPress REST API Authentication plugin <= 3.6.3 - Settings Change Vulnerability

Risk 25
Severity
5.4
EPSS
0.05%
First published (updated )
CVE-2025-39545

miniOrange Social Login WordpressminiOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) Pro Addon <= 200.3.9 - Authentication Bypass

Risk 86
Severity
9.8
First published (updated )
CVE-2024-11087

miniOrange Oauth \& Openid Connect Single Sign-on DrupalOAuth & OpenID Connect Single Sign On – SSO (OAuth/OIDC Client) - Critical - Cross Site Scripting - SA-CONTRIB-2024-067

Risk 38
Severity
6.1
First published (updated )
CVE-2024-13301

WordPress Protect WP Pages/PostPage Restriction WordPress (WP) – Protect WP Pages/Post <= 1.3.6 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure

Risk 43
Severity
7.5
First published (updated )
CVE-2024-11297

miniOrange WordPress SAML Single Sign On – SSO LoginWordPress SAML Single Sign On – SSO Login plugin <= 5.0.4 - Broken Access Control vulnerability

Risk 22
Severity
4.3
First published (updated )
CVE-2023-41873
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

miniOrange WordPress Social Login and Register (miniorange-login-openid)WordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.5.14 - Broken Access Control vulnerability

Risk 19
Severity
3.5
First published (updated )
CVE-2023-24375

miniOrange WordPress Social Login and Register (miniorange-login-openid)WordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.6.0 - Arbitrary Content Deletion vulnerability

Risk 27
Severity
5.3
First published (updated )
CVE-2023-25455

miniOrange miniOrange OTP Verification with FirebaseMiniorange OTP Verification with Firebase <= 3.6.0 - Privilege Escalation via Registration due to Administrator Default User Role Value

Risk 62
Severity
9.8
EPSS
0.06%
First published (updated )
CVE-2024-9863

miniOrange OTP Verification with FirebaseMiniorange OTP Verification with Firebase <= 3.6.0 - Unauthenticated Arbitrary User Password Change

Risk 62
Severity
9.8
EPSS
0.06%
First published (updated )
CVE-2024-9862

miniOrange OTP Verification with FirebaseMiniorange OTP Verification with Firebase <= 3.6.0 - Authentication Bypass

Risk 55
Severity
8.1
EPSS
0.06%
First published (updated )
CVE-2024-9861
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

miniOrange Web Application Firewall WordpressWeb Application Firewall <= 2.1.2 - IP Address Spoofing to Protection Mechanism Bypass

Risk 27
Severity
5.3
First published (updated )
CVE-2022-4539

miniOrange Malware ScannerWordPress Malware Scanner plugin <= 4.7.1 - IP Restriction Bypass vulnerability

Risk 27
Severity
5.3
First published (updated )
CVE-2023-52176

miniOrange WordPress Social Login and RegisterWordPress Social Login, Social Sharing by miniOrange plugin <= 7.6.6 - Authenticated Privilege Escalation vulnerability

Risk 71
Severity
8
First published (updated )
CVE-2023-47683

WordPress Protect WP Pages/PostPage Restriction WordPress (WP) – Protect WP Pages/Post <= 1.3.4 - Protection Mechanism Bypass

Risk 27
Severity
5.3
First published (updated )
CVE-2024-0681

miniOrange Malware ScannerMalware Scanner <= 4.7.2 and Web Application Firewall <= 2.1.1 - Unauthenticated Privilege Escalation

Risk 86
Severity
9.8
First published (updated )
CVE-2024-2172
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203