PatchSiren

miniOrange Security Software Pvt Ltd. CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

CRITICAL miniOrange Security Software Pvt Ltd. CVE published 2026-07-10

CVE-2026-57807

A critical Authentication Bypass Using an Alternate Path or Channel vulnerability exists in miniOrange Security Software Pvt Ltd. OAuth Single Sign On - SSO (OAuth Client) plugin for WordPress, allowing Password Recovery Exploitation. The issue affects versions from n/a through 38.5.8. This vulnerability has a high impact on the confidentiality, integrity, and availability of the affected system. Administ [truncated]