CVE-2025-6688
CVE-2025-6688 (Simple Payment, WordPress) : Affects WordPress Simple Payment plugin versions 1.3.6–2.3.8. Root cause: login flow does not properly verify a user’s identity before using create_user(), enabling an unauthenticated attacker to log in as an administrator. Impact: Authentication bypass...