CVE-2026-3655 | glboy OTP Login With Phone Number OTP Verification Plugin AJAX lwp_ajax_register improper authentication (EUVD-2026-33255)

A vulnerability, which was classified as critical, was found in glboy OTP Login With Phone Number OTP Verification Plugin up to 1.8.60 on WordPress. Affected is the function lwp_ajax_register of the component AJAX Handler. Such manipulation leads to improper authentication.

This vulnerability is traded as CVE-2026-3655. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More