CVE-2020-5391, CVE-2020-5392, CVE-2020-6753, CVE-2020-7948, CVE-2020-7947: Security Update for WordPress Plugin for Auth0

Published: March 31, 2020

CVE numbers: CVE-2020-5391, CVE-2020-5392, CVE-2020-6753, CVE-2020-7948, CVE-2020-7947

Credit: Muhamad Visat

Overview

Auth0 has released a new major version of the WordPress Plugin for Auth0 to address several vulnerabilities.

We recommend you review the following security advisories and upgrade to the new major version:

Am I affected?

Customers using any version of the WordPress Plugin for Auth0 3.11.3 or earlier can be affected.

How to fix that?

Customers using WordPress Plugin for Auth0 need to upgrade to version 4.0.0 or higher.

Will this update impact my users?

The release notes provide more in-depth information about the changes that were made, and the migration instructions provide more in-depth information about the upgrade path.