Description
The Orion Login with SMS plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.5. This is due to the olws_handle_verify_phone() function not utilizing a strong enough OTP value, exposing the hash needed to generate the OTP value, and no restrictions on the number of attempts to submit the code. This makes it possible for unauthenticated attackers to log in as other users, including administrators, if they know the target user's phone number.
Published: 2025-07-22
Score: 8.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Authentication Bypass
Action: Immediate Patch
AI Analysis

Impact

The Orion Login with SMS plugin for WordPress allows an unauthenticated attacker to bypass authentication, because the olws_handle_verify_phone() function uses a weak one‑time password algorithm, exposes the hash needed to generate the OTP, and imposes no limit on OTP submission attempts. If an attacker can identify a user’s phone number, they can log in as that user, including administrators. This flaw directly compromises the confidentiality and integrity of the site, potentially allowing full control over the WordPress instance.
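The three weaknesses named above (a guessable code, a client-visible hash that lets the code be derived or checked offline, and no attempt limit) map onto three controls: draw the code from a CSPRNG, keep only a server-side password hash of it and return nothing derived from it to the browser, and discard the code after a fixed number of wrong guesses. Without the third control, an online brute force of an n-digit code needs at most 10^n requests; with the hash exposed, even that cost disappears because the search runs offline. The following is an added example, not the plugin's code: a hypothetical WordPress verification handler in PHP. The olws_ex_ function names, the transient key scheme, the olws_phone user-meta key, the nonce action and the TTL/attempt limits are all assumptions for illustration.

```php
<?php
// Added example (not the Orion Login with SMS plugin's code). Hypothetical
// WordPress handler that applies the three controls described above.
// All olws_ex_* names, the transient keys, the 'olws_phone' meta key and the
// limits below are assumptions for illustration.

const OLWS_EX_OTP_TTL      = 300; // seconds an OTP stays valid (assumption)
const OLWS_EX_MAX_ATTEMPTS = 5;   // wrong codes tolerated before the OTP is discarded

/**
 * Issue a 6-digit OTP from the CSPRNG. Only a password hash of the code is
 * stored server-side; the plaintext goes to the SMS gateway and nowhere else.
 * Nothing derived from the code is ever returned to the browser.
 */
function olws_ex_issue_otp( string $phone ): string {
    $code = str_pad( (string) random_int( 0, 999999 ), 6, '0', STR_PAD_LEFT );
    set_transient( 'olws_ex_otp_' . md5( $phone ), [
        'hash'     => wp_hash_password( $code ),   // salted, slow hash via WordPress
        'attempts' => 0,
        'expires'  => time() + OLWS_EX_OTP_TTL,
    ], OLWS_EX_OTP_TTL );
    return $code; // hand to the SMS sender only
}

/**
 * Verify a submitted code for a phone number.
 * Returns the matching user ID on success, or a WP_Error.
 * Every wrong guess is counted; once OLWS_EX_MAX_ATTEMPTS is reached the stored
 * OTP is deleted, so the attacker must trigger a fresh SMS instead of continuing.
 * The comparison goes through wp_check_password (constant-time, no early exit).
 */
function olws_ex_verify_otp( string $phone, string $submitted ) {
    $key   = 'olws_ex_otp_' . md5( $phone );
    $state = get_transient( $key );

    if ( ! is_array( $state ) || time() > $state['expires'] ) {
        delete_transient( $key );
        return new WP_Error( 'expired', 'No valid code for this number.' );
    }

    if ( ! preg_match( '/^\d{6}$/', $submitted ) ) {
        return new WP_Error( 'format', 'Code must be 6 digits.' );
    }

    if ( ! wp_check_password( $submitted, $state['hash'] ) ) {
        $state['attempts']++;
        if ( $state['attempts'] >= OLWS_EX_MAX_ATTEMPTS ) {
            delete_transient( $key ); // lock out: a new OTP must be requested
            return new WP_Error( 'locked', 'Too many attempts; request a new code.' );
        }
        set_transient( $key, $state, max( 1, $state['expires'] - time() ) );
        return new WP_Error( 'mismatch', 'Incorrect code.' );
    }

    delete_transient( $key ); // single use: a correct code cannot be replayed

    // Resolve the account by phone number ('olws_phone' meta key is an assumption).
    $ids = get_users( [
        'meta_key'   => 'olws_phone',
        'meta_value' => $phone,
        'number'     => 1,
        'fields'     => 'ID',
    ] );
    if ( empty( $ids ) ) {
        return new WP_Error( 'no_user', 'No account for this number.' );
    }
    return (int) $ids[0];
}

/**
 * Unauthenticated AJAX entry point. The session cookie is only set after
 * olws_ex_verify_otp() returned a user ID, never on the client's say-so.
 */
function olws_ex_handle_verify_phone(): void {
    check_ajax_referer( 'olws_ex_verify', 'nonce' );
    $phone = preg_replace( '/\D+/', '', sanitize_text_field( wp_unslash( $_POST['phone'] ?? '' ) ) );
    $code  = sanitize_text_field( wp_unslash( $_POST['code'] ?? '' ) );

    $result = olws_ex_verify_otp( $phone, $code );
    if ( is_wp_error( $result ) ) {
        // Same generic response shape for every failure; no hash, no hint.
        wp_send_json_error( [ 'message' => $result->get_error_message() ], 401 );
    }
    wp_set_auth_cookie( $result, false );
    wp_send_json_success( [ 'redirect' => admin_url() ] );
}
add_action( 'wp_ajax_nopriv_olws_ex_verify_phone', 'olws_ex_handle_verify_phone' );
```

Deleting the OTP after five failures means anyone who knows a phone number can nuisance-lock that login until a new code is requested; a site that prefers availability can instead keep the stored state and refuse further verifications until it expires, which has the same effect on brute force. Whichever variant is used, the OTP issue path (the SMS send) needs its own per-number and per-IP rate limit, or the attacker simply requests new codes in a loop.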

Affected Systems

WordPress sites running the Orion Login with SMS plugin version 1.0.5 or earlier, developed by gsayed786.

Risk and Exploitability

The vulnerability carries a CVSS score of 8.1, indicating high severity. The vector (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) describes a remote attack that needs no privileges and no user interaction; attack complexity is rated high because the attacker must know the target's phone number and then guess or derive the code. The EPSS score is below 1%, suggesting that the probability of exploitation in the wild is currently low, and the flaw is not listed in CISA's KEV catalog. Attacks would be performed remotely through the plugin's SMS login flow, and the lack of attempt limits means a short numeric code can be exhausted by automated submission. Overall, the risk is significant because a successful attack yields an administrator session, even though the exploitation probability remains limited at present.

Generated by OpenCVE AI on April 22, 2026 at 14:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Orion Login with SMS to a version later than 1.0.5 that the vendor has released as fixing the authentication bypass; all versions up to and including 1.0.5 are affected.
  • If an update cannot be applied immediately, disable or remove the plugin from the site to prevent exploitation while a fix is pending.
  • After mitigation, audit user accounts for unauthorized activity, in particular newly created or newly elevated administrator accounts and unexpected logins from the SMS flow; reset passwords, and enable multi‑factor authentication to strengthen future resilience.

Generated by OpenCVE AI on April 22, 2026 at 14:37 UTC.

Tracking


Advisories
Source: EUVD
ID: EUVD-2025-22303
Title: The Orion Login with SMS plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.5. This is due to the olws_handle_verify_phone() function not utilizing a strong enough OTP value, exposing the hash needed to generate the OTP value, and no restrictions on the number of attempts to submit the code. This makes it possible for unauthenticated attackers to log in as other users, including administrators, if they have access to their phone number.
History

Wed, 08 Apr 2026 17:00:00 +0000

Title
  Removed: Orion Login with SMS <= 1.0.5 - Authenticated Bypass via Weak OTP
  Added:   Orion Login with SMS <= 1.0.5 - Authentication Bypass via Weak OTP

Tue, 22 Jul 2025 14:15:00 +0000

Metrics (ssvc)
  Added: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 22 Jul 2025 09:30:00 +0000

Description
  Added: The Orion Login with SMS plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.5. This is due to the olws_handle_verify_phone() function not utilizing a strong enough OTP value, exposing the hash needed to generate the OTP value, and no restrictions on the number of attempts to submit the code. This makes it possible for unauthenticated attackers to log in as other users, including administrators, if they have access to their phone number.
Title
  Added: Orion Login with SMS <= 1.0.5 - Authenticated Bypass via Weak OTP
Weaknesses
  Added: CWE-288
References
  Added: (none shown)
Metrics (cvssV3_1)
  Added: {'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}



MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T16:45:10.015Z

Reserved: 2025-07-15T19:31:18.509Z

Link: CVE-2025-7692

Vulnrichment

Updated: 2025-07-22T13:20:40.984Z

NVD

Status : Deferred

Published: 2025-07-22T10:15:26.357

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-7692

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T14:45:19Z

Weaknesses