CRITICAL🇵🇱 Wersja polska

CVE-2026-7458

CVSS 9.8v3.1pub. 2026-05-02upd. 2026-05-05

The User Verification by PickPlugins plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.46. This is due to the use of a loose PHP comparison operator to validate OTP codes in the "user_verification_form_wrap_process_otpLogin" function. This makes it possible for unauthenticated attackers to log in as any user with a verified email address, such as an administrator, by submitting a "true" OTP value.

🤖 AI Analysis
How it works

The 'user_verification_form_wrap_process_otpLogin' function uses a loose PHP comparison operator (==) instead of a strict one (===) to validate the one-time password (OTP) code. PHP's loose comparison mechanism causes the text value 'true' to be considered equal to any non-zero OTP code. An unauthenticated attacker can submit the value 'true' as an OTP code, allowing them to bypass the verification mechanism and log in as any user with a verified email address.

Impact

An attacker can gain full access to any user account, including WordPress administrator accounts, which may lead to takeover of the entire website, data disclosure, installation of malicious software, or complete destruction of website content.

Mitigation & patch

The User Verification plugin by PickPlugins should be updated to a version higher than 2.0.46. The fix is available in changeset 3519113 in the WordPress repository. An immediate update is recommended through the WordPress admin panel or by manually applying the patch from the source indicated in the references.

Who is affected

User Verification by PickPlugins plugin for WordPress—all versions up to and including 2.0.46.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References