Vulnerabilities and security researches forminiorange-discord-integration miniorange-discord-integration

Jun 07, 2024

CVE, Research URL: CVE-2022-3082
Home page URL: Security reports for miniOrange Discord Integration
Application: miniOrange Discord Integration
Date: Oct 17, 2022
Research Description: The miniOrange Discord Integration WordPress plugin before 2.1.6 does not have authorisation and CSRF in some of its AJAX actions, allowing any logged in users, such as subscriber to call them, and disable the app for example
Affected versions: Min -, max -.
Status: vulnerable

May 25, 2025

CVE, Research URL: CVE-2025-47672
Home page URL: Security reports for miniOrange Discord Integration
Application: miniOrange Discord Integration
Date: May 23, 2025
Research Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in miniOrange miniOrange Discord Integration allows PHP Local File Inclusion. This issue affects miniOrange Discord Integration: from n/a through 2.2.2.
Affected versions: Min -, max -.
Status: vulnerable