Vulnerabilities

CVE-2025-10484 - Registration & Login with Mobile Phone Number for WooCommerce <= 1.3.1 - authent...

2026-01-17 0 views admin

CVE ID : CVE-2025-10484 Published : Jan. 17, 2026, 9:15 a.m. | 1 hour, 14 minutes ago Description : The Registration & Login with Mobile Phone Number for WooCommerce plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.3.1. This is due to the plugin not properly verifying a users identity prior to authenticating them via the fma_lwp_set_session_php_fun() function. This makes it possible for unauthenticated attackers to authenticate as any user on the site, including administrators, without a valid password. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-10484

Severity

CRITICAL

Published

Jan. 17, 2026

Affected Product: WordPress

Impact: Authentication Bypass

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-10484criticalwordpress

CVE-2025-10484 - Registration & Login with Mobile Phone Number for WooCommerce <= 1.3.1 - authent...

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2025-15530 - Open5GS s11-handler.c assertion

CVE-2025-8615 - CubeWP <= 1.1.26 - authenticated (contributor+) stored cross-site scripting via c...

CVE-2025-14078 - PAYGENT for WooCommerce <= 2.4.6 - missing authorization to unauthenticated paym...

CVE-2026-0725 - Integrate Dynamics 365 CRM <= 1.1.1 - authenticated (administrator+) stored cross...

Trending

Tech: Go-legacy-winxp: Compile Golang 1.24 code for Windows XP

Tech: Data is the only moat

Tech: Pocket TTS: A high quality TTS that gives your CPU a voice

Tech: AWS European Sovereign Cloud

Tech: JuiceFS is a distributed POSIX file system built on top of Redis and S3