Known Vulnerabilities for Social Login by Heateor
Listed below are 1 of the newest known vulnerabilities associated with "Social Login" by "Heateor".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-57751 json | Unauthenticated Cross Site Request Forgery (CSRF) in Heateor Social Login <= 1.1.39 versions. | Not Provided | 2026-07-02 | 2026-07-02 |
| CVE-2026-22337 json | Incorrect Privilege Assignment vulnerability in Directorist Directorist Social Login allows Privilege Escalation.This issue a... | Not Provided | 2026-04-27 | 2026-04-27 |
| CVE-2026-12863 json | An unvalidated redirect was contained in Venueless' social login functionality and could be exploited for phishing using trus... | Not Provided | 2026-06-22 | 2026-06-23 |
| CVE-2026-12761 json | The miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to authentic... | Not Provided | 2026-07-10 | 2026-07-13 |
| CVE-2026-12598 json | The LoginPress Pro plugin for WordPress is vulnerable to authentication bypass in versions up to and including 6.2.3 via the ... | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-12162 json | Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attac... | Not Provided | 2026-06-16 | 2026-06-16 |
| CVE-2026-12117 json | Improper access control in the social login connection endpoint in Devolutions Server 2026.2.5 allows an authenticated vault... | Not Provided | 2026-06-16 | 2026-06-17 |
| CVE-2026-11798 json | The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to Reflecte... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-11502 json | A weakness has been identified in JeecgBoot up to 3.9.2. Impacted is the function HttpServletResponse.sendRedirect of the fil... | Not Provided | 2026-06-08 | 2026-06-08 |
| CVE-2026-9091 json | Casdoor versions 2.362.0 and earlier contain a logic flaw in the social‑login binding flow that allows users to bypass conf... | Not Provided | 2026-05-28 | 2026-05-29 |