Critical severity9.8NVD Advisory· Published May 27, 2026· Updated May 27, 2026
CVE-2026-42731
CVE-2026-42731
Description
Incorrect Privilege Assignment vulnerability in miniOrange miniorange otp verification miniorange-otp-verification allows Privilege Escalation.This issue affects miniorange otp verification: from n/a through <= 5.4.9.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=5.4.9+ 1 more
- (no CPE)range: <=5.4.9
- (no CPE)range: <=5.4.9
Patches
Vulnerability mechanics
References
1News mentions
1- Wordfence Intelligence Weekly WordPress Vulnerability Report (May 18, 2026 to May 24, 2026)Wordfence Blog · May 28, 2026