cleantalk
Vulnerabilities and Security Researches

WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn), CVE-2025-68974

CVE, Research URL

CVE-2025-68974

Home page URL

Security reports for WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn)

Application

WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn)

Published on
Dec 30, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion.This issue affects WordPress Social Login and Register: from n/a through <= 7.7.0.
Affected versions
max 7.7.0.
Status
vulnerable
Previous vulnerability researches
WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) (CVE-2025-47670) , Jun 05, 2025
WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) (CVE-2024-11087) , Mar 09, 2025
WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) (92a8d2abbf57eff4cf1052d3f99e9038455a99ac) , Jun 07, 2024
WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) (CVE-2023-23710) , Jun 07, 2024
WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) (CVE-2023-23706) , Jun 07, 2024
New vulnerability
Security & Malware scan by CleanTalk , Apr 03, 2026
OOPSpam Anti-Spam (CVE-2026-32544) , Mar 31, 2026
NotificationX &#8211; Best FOMO, Social Proof, WooCommerce Sales Popup &amp; Notification Bar Plugin With Elementor (CVE-2026-27042) , Mar 31, 2026
The Conference (CVE-2026-32335) , Mar 31, 2026
WP Booking System &#8211; Booking Calendar (CVE-2025-68515) , Mar 31, 2026