CVE-2026-7567P1CRITICALCVSS 9.8PoC≤ 1.0.02026-05-01
CVE-2026-7567 [CRITICAL] CWE-288 CVE-2026-7567: The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to an
The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.0.0. This is due to improper input validation in the maybe_login_temporary_user() function, which fails to verify that the 'temp-login-token' GET parameter is a scalar string before processing it. When the parameter is supplied as an arr
nvd