CVE-2026-12761 - miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) <= 7.7.0 - Unauthenticated Authentication Bypass to Administrator Account Takeover via Profile Completion OTP Flow
CVE ID :CVE-2026-12761 Published : July 10, 2026, 9:16 p.m. | 1 hour, 16 minutes ago Description :The miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to authentication bypass leading to account takeover in versions up to and...