Critical WordPress Plugin Vulnerability Allows Attackers to Gain Full Control Over Website

A critical security vulnerability has been discovered in the widely used WordPress OAuth Single Sign–On (SSO (OAuth Client) plugin developed by miniOrange, exposing millions of WordPress websites to complete takeover by unauthenticated remote attackers. The flaw, tracked as CVE-2026-57807, carries a near-maximum CVSS score of 9.8 and was disclosed by Patchstack on July 9, 2026. […]

The post Critical WordPress Plugin Vulnerability Allows Attackers to Gain Full Control Over Website appeared first on Cyber Security News.

This article has been indexed from Cyber Security News

Read the original article: