top of page
perceptive_background_267k.jpg

Incorrect Privilege Assignment vulnerability in miniOrange miniorange otp verification miniorange-otp-verification allows Privilege Escalation.This issue affect…

Published:

26 May 2026 at 22:00:00

Alert date:

27 May 2026 at 15:06:57

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Identity & Access

CVE-2026-42731 is an Incorrect Privilege Assignment vulnerability in the miniOrange OTP Verification WordPress plugin that allows privilege escalation. The vulnerability affects all versions from n/a through 5.4.9 and below. This type of vulnerability can allow attackers to gain elevated privileges within the affected system, potentially leading to unauthorized access and control. The issue is classified as high severity and affects a widely-used WordPress plugin for OTP verification functionality.

Technical details

Mitigation steps:

Affected products:

miniOrange OTP Verification

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-42731
https://patchstack.com/database/Wordpress/Plugin/miniorange-otp-verification/vulnerability/wordpress-miniorange-otp-verification-plugin-5-4-9-privilege-escalation-vulnerability?_s_id=cve

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page