CVE-2026-7458
- EPSS 0.58%
- Veröffentlicht 02.05.2026 05:16:01
- Zuletzt bearbeitet 05.05.2026 19:17:22
The User Verification by PickPlugins plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.46. This is due to the use of a loose PHP comparison operator to validate OTP codes in the "user_verification_f...
CVE-2026-32497
- EPSS 0.22%
- Veröffentlicht 25.03.2026 16:14:59
- Zuletzt bearbeitet 29.04.2026 10:17:15
Weak Authentication vulnerability in PickPlugins User Verification user-verification allows Authentication Abuse.This issue affects User Verification: from n/a through <= 2.0.45.
CVE-2025-12374
- EPSS 0.43%
- Veröffentlicht 05.12.2025 06:07:19
- Zuletzt bearbeitet 15.04.2026 00:35:42
The Email Verification, Email OTP, Block Spam Email, Passwordless login, Hide Login, Magic Login – User Verification plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.44. This is due to the plugin n...
CVE-2022-4693
- EPSS 1.6%
- Veröffentlicht 23.01.2023 15:15:16
- Zuletzt bearbeitet 02.04.2025 16:15:28
The User Verification WordPress plugin before 1.0.94 was affected by an Auth Bypass security vulnerability. To bypass authentication, we only need to know the user’s username. Depending on whose username we know, which can be easily queried because i...