8 matches found
EUVD-2025-22303
Malicious code in bioql PyPI...
WordPress Orion Login with SMS plugin authentication bypass vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An authentication bypass vulnerability exists in the WordPress Orion Login with SMS plugin, which stems from an insufficiently strong OTP value for the olwshandleverifyphone...
CVE-2025-7692
The Orion Login with SMS plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.5. This is due to the olwshandleverifyphone function not utilizing a strong enough OTP value, exposing the hash needed to generate the OTP value, and no restrictions on t...
CVE-2025-7692
The Orion Login with SMS plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.5. This is due to the olwshandleverifyphone function not utilizing a strong enough OTP value, exposing the hash needed to generate the OTP value, and no restrictions on t...
CVE-2025-7692 Orion Login with SMS <= 1.0.5 - Authentication Bypass via Weak OTP
The Orion Login with SMS plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.5. This is due to the olwshandleverifyphone function not utilizing a strong enough OTP value, exposing the hash needed to generate the OTP value, and no restrictions on t...
CVE-2025-7692 Orion Login with SMS <= 1.0.5 - Authentication Bypass via Weak OTP
The Orion Login with SMS plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.5. This is due to the olwshandleverifyphone function not utilizing a strong enough OTP value, exposing the hash needed to generate the OTP value, and no restrictions on t...
PT-2025-30390 · WordPress · Orion Login With Sms
Name of the Vulnerable Software and Affected Versions: Orion Login with SMS plugin for WordPress versions up to and including 1.0.5 Description: The Orion Login with SMS plugin for WordPress is susceptible to authentication bypass due to insufficient security measures in the olws handle verify...
WordPress plugin Orion Login with SMS 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An authentication bypass vulnerability exists in the WordPress Orion Login with SMS plugin, which stems from an insufficiently strong OTP value for the olwshandleverifyphone...