CRITICAL🇵🇱 Wersja polska

CVE-2025-14440

CVSS 9.8v3.1pub. 2025-12-13upd. 2026-04-15

The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jay_login_register_process_switch_back' function with the 'jay_login_register_process_switch_back' cookie value. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id.

🤖 AI Analysis
How it works

The vulnerability results from improper identity verification in the 'jay_login_register_process_switch_back' function, which incorrectly processes a cookie value with the same name. An attacker can provide a crafted cookie value containing the identifier of the selected user (user id), which causes login to that account without the need to provide a password. The account switching mechanism does not properly validate the requester's permissions, which classifies the vulnerability as CWE-565 (reliance on cookie value without validation).

Impact

An attacker can take full control of any user account, including administrator account, thereby gaining unlimited access to resources, data and the WordPress site management panel.

Mitigation & patch

Patches available from the vendor should be applied according to references. An updated version of the plugin is available in the WordPress repository (changeset 3418754). Immediate plugin update is recommended as well as verification of access logs for unauthorized logins.

Who is affected

JAY Login & Register plugin for WordPress in versions up to and including 2.4.01

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References