CVE-2026-12598 - LoginPress Pro <= 6.2.3 - Unauthenticated Authentication Bypass via Unverified OAuth Email in Spotify OAuth Callback
CVE ID :CVE-2026-12598 Published : July 10, 2026, 12:16 a.m. | 16 minutes ago Description :The LoginPress Pro plugin for WordPress is vulnerable to authentication bypass in versions up to and including 6.2.3 via the Spotify Social Login addon. This is due to the loginpress_on_spotify_login()...