CVE-2025-1061 - Vulnerability Details

- Nextend Social Login Pro <= 3.1.16 - Authentication Bypass via Apple OAuth provider

Description

The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.16. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email.

Published: 2025-02-07

Score: 9.8 Critical

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability allows an attacker to forge an Apple OAuth authentication request that is insufficiently validated by the Nextend Social Login Pro plugin. This flaw enables an unauthenticated attacker to log in as any existing WordPress user—including administrators—provided the attacker knows the user’s email address. Once authenticated, the attacker gains full privileges of that account.

Affected Systems

The issue affects the Nextend Social Login Pro plugin for WordPress, versions up to and including 3.1.16. The plugin is distributed by Nextendweb.

Risk and Exploitability

The CVSS score of 9.8 indicates high severity, while the EPSS score of less than 1% suggests a low but non-zero probability of exploitation at this time. The flaw is not listed in the CISA KEV catalog. Attackers can exploit the weakness remotely by crafting a specially crafted request to the Apple OAuth endpoint exposed by the plugin; the likely attack vector is inferred from the description as a remote request that bypasses authentication. Because the bypass is triggered without prior authentication, an attacker could elevate their privileges to that of any existing user on the site.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

nextendweb

Nextend Social Login Pro

unaffected

Version	Status	Constraints
`0`	affected	≤ 3.1.16

No data.

Vendor	Product	Confidence	Versions
Nextendweb	Nextend Social Login Pro	—	—
Wordpress	Wordpress	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade Nextend Social Login Pro to version 3.1.17 or later, which contains the necessary validation fix.
If an upgrade is not immediately possible, disable the Apple provider within the plugin’s settings as a temporary workaround until the patch is applied.
Consider removing or deactivating the entire Nextend Social Login Pro plugin to eliminate the attack surface until a secure version is deployed.

Generated by OpenCVE AI on April 22, 2026 at 04:17 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2025-1984	The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.16. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00148.

Exploitation none

Automatable yes

Technical Impact total

References

Link	Providers
https://nextendweb.com/nextend-social-login-docs/pro-addon-changelog/
https://nextendweb.com/nextend-social-login-docs/provider-apple/
https://www.wordfence.com/threat-intel/vulnerabilities/id/6494e54c-db04-41f9-8b91-6ad12528cf01?source=cve

History

Fri, 07 Feb 2025 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 07 Feb 2025 02:00:00 +0000

Type	Values Removed	Values Added
Description		The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.16. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email.
Title		Nextend Social Login Pro <= 3.1.16 - Authentication Bypass via Apple OAuth provider
Weaknesses		CWE-288
References		https://nextendweb.com/nextend-social-login-docs/pro-addon-changelog/ https://nextendweb.com/nextend-social-login-docs/provider-apple/ https://www.wordfence.com/threat-intel/vulnerabilities/id/6494e54c-db04-41f9-8b91-6ad12528cf01?source=cve
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

Subscriptions

Nextendweb Nextend Social Login Pro

Wordpress Wordpress

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2025-02-07T01:41:10.227Z

Updated: 2026-04-08T16:57:36.508Z

Reserved: 2025-02-05T14:44:49.749Z

Link: CVE-2025-1061

Vulnrichment

Updated: 2025-02-07T15:51:12.176Z

NVD

Status : Deferred

Published: 2025-02-07T02:15:29.587

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-1061

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T04:30:05Z

Weaknesses

CWE-288

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object