Back to CVE List

CVE-2026-12492

Vulnerability Description

The Happy Coders OTP Login for WooCommerce WordPress plugin before 2.8 does not verify that a one-time password was actually validated before authenticating a user based on a supplied identifier, allowing unauthenticated attackers to log in as any existing user, including administrators, as well as to create new accounts.

Vulnerability Details

Published Date
Last Modified
Source
NVD
Vendor
Unknown
Product
Happy Coders OTP Login for WooCommerce

External References

Discussion (0)

Add Comment

No comments yet. Be the first!