CRITICAL
miniOrange Security Software Pvt Ltd.
CVE published 2026-07-10
CVE-2026-57807
A critical Authentication Bypass Using an Alternate Path or Channel vulnerability exists in miniOrange Security Software Pvt Ltd. OAuth Single Sign On - SSO (OAuth Client) plugin for WordPress, allowing Password Recovery Exploitation. The issue affects versions from n/a through 38.5.8. This vulnerability has a high impact on the confidentiality, integrity, and availability of the affected system. Administ [truncated]