CVE-2026-12761 | cyberlord92 miniOrange Social Login and Register Plugin up to 7.7.0 on WordPress Profile Completion Flow email_field random values
A vulnerability marked as problematic has been reported in cyberlord92 miniOrange Social Login and Register Plugin up to 7.7.0 on WordPress. Affected by this vulnerability is the function send_otp_token/mo_openid_social_login_validate_otp of the component Profile Completion Flow. Performing a manipulation of the argument email_field results in insufficiently random values.
This vulnerability is cataloged as CVE-2026-12761. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More