CVE-2025-46345 | auth0-extensions auth0-account-link-extension up to 2.6.6 authentication spoofing (GHSA-j2jh-rqff-7vmg)

Inserito da Angelo Barbosa | Mag 1, 2025 | CVE

A vulnerability classified as critical was found in auth0-extensions auth0-account-link-extension up to 2.6.6. Affected by this vulnerability is an unknown functionality. The manipulation leads to authentication bypass by spoofing.

This vulnerability is known as CVE-2025-46345. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-46345 | auth0-extensions auth0-account-link-extension up to 2.6.6 authentication spoofing (GHSA-j2jh-rqff-7vmg)

Post correlati

CVE-2024-30415 | Huawei HarmonyOS/EMUI Window Management Module permission

CVE-2024-2119 | LuckyWP Table of Contents Plugin up to 2.1.4 on WordPress cross site scripting

CVE-2024-22217 | Terminalfour up to 8.3.18 server-side request forgery

CVE-2024-32579 | GloriaFood Restaurant Menu Plugin up to 2.4.1 on WordPress cross site scripting