Auth bypass in Cyberlord92 Miniorange Social Login And Register (Discord, Google, Twitter, Linkedin)
CVE-2026-12761
The miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to authentication bypass leading to account takeover in versions up to and including 7.7.0. This is due to the Profile Complet…
Vulnerability class: Broken Authentication
CVSS v3 metric
CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
Affected products
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2026-12761?
- CVE-2026-12761 is a critical-severity vulnerability in Cyberlord92 Miniorange Social Login And Register (Discord, Google, Twitter, Linkedin), classified under Improper Authentication. CVSS score: 9.8/10. Published 2026-07-10.
- How severe is CVE-2026-12761?
- Critical severity. CVSS v3 base score is 9.8 out of 10.