VYPR

User Verification

by WordPress

Source repositories

CVEs (4)

  • CVE-2025-12374CriDec 5, 2025
    risk 0.64cvss 9.8epss 0.00

    The Email Verification, Email OTP, Block Spam Email, Passwordless login, Hide Login, Magic Login – User Verification plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.44. This is due to the plugin not properly validating that…

  • CVE-2026-7458CriMay 2, 2026
    risk 0.57cvss 9.8epss 0.01

    The User Verification by PickPlugins plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.46. This is due to the use of a loose PHP comparison operator to validate OTP codes in the "user_verification_form_wrap_process_otpLogin"…

  • CVE-2026-32497MedMar 25, 2026
    risk 0.34cvss 5.3epss 0.00

    Weak Authentication vulnerability in PickPlugins User Verification user-verification allows Authentication Abuse.This issue affects User Verification: from n/a through <= 2.0.45.

  • CVE-2022-4693Jan 23, 2023
    risk 0.01cvss epss 0.02

    The User Verification WordPress plugin before 1.0.94 was affected by an Auth Bypass security vulnerability. To bypass authentication, we only need to know the user’s username. Depending on whose username we know, which can be easily queried because it is usually public data,…