WordPress Plugin Vulnerabilities

miniOrange OTP Login, Verification and SMS Notifications < 5.5.0 - Unauthenticated Privilege Escalation

Description

The plugin is affected by an unauthenticated privilege escalation vulnerability, allowing unauthenticated attackers to elevate their privileges to those of an administrator.

Affects Plugins

References

Classification

Miscellaneous

Original Researcher
Peng Zhou
Verified
No

Timeline

Publicly Published
2026-05-24 (about 1 month ago)
Added
2026-05-26 (about 1 month ago)
Last Updated
2026-07-03 (about 1 day ago)

Other