Every CVE whose affected-product data names Auth0 Wp-auth0, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2020-5391 — CVSS 8.8 (high): Cross-site request forgery (CSRF) vulnerabilities exist in the Auth0 plugin before 4.0.0 for WordPress via the domain field.
CVE-2025-68129 — CVSS 6.8 (medium): Auth0-PHP is a PHP SDK for Auth0 Authentication and Management APIs. In applications built with the Auth0-PHP SDK, the audience validation…
CVE-2020-5392 — CVSS 6.1 (medium): A stored cross-site scripting (XSS) vulnerability exists in the Auth0 plugin before 4.0.0 for WordPress via the settings page.