cleantalk
Vulnerabilities and Security Researches

Email Verification / SMS Verification / OTP Verification / OTP Authentication / WooCommerce Notification, CVE-2026-42731

CVE, Research URL

CVE-2026-42731

Home page URL

Security reports for Email Verification / SMS Verification / OTP Verification / OTP Authentication / WooCommerce Notification

Application

Email Verification / SMS Verification / OTP Verification / OTP Authentication / WooCommerce Notification

Published on
May 27, 2026
Research Description
Incorrect Privilege Assignment vulnerability in miniOrange miniorange otp verification miniorange-otp-verification allows Privilege Escalation.This issue affects miniorange otp verification: from n/a through <= 5.4.9.
Affected versions
max 5.5.0.
Status
vulnerable
Previous vulnerability researches
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2026-39564) , Apr 14, 2026
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2024-44038) , Sep 28, 2024
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2026-24994) , Feb 28, 2026
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2025-67973) , Feb 28, 2026
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2024-43971) , Sep 01, 2024
New vulnerability
SlimStat Analytics (CVE-2026-7634) , May 28, 2026
GenerateBlocks (CVE-2026-48877) , May 28, 2026
Meta Field Block (CVE-2026-3173) , May 28, 2026
Dideo (CVE-2026-8847) , May 28, 2026
Splide Carousel Block (CVE-2026-9022) , May 28, 2026