CVE-2025-7692
Orion Login with SMS <= 1.0.5 - Authenticated Bypass via Weak OTPThe Orion Login with SMS plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.5. This is due to the olws_handle_verify_phone() function not utilizing a strong enough OTP value, exposing the hash needed to generate the OTP value, and no restrictions on the number of attempts to submit the code. This makes it possible for unauthenticated attackers to log in as other users, including administrators, if they have access to their phone number.
We have discovered 38 live websites that are affected by CVE-2025-7692.
Affected Software
| Product |  Orion Login With Sms |
| Category | Wordpress Plugins |
| Vulnerable Domains | 38 live websites (100% of Orion Login With Sms install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 0 versions ( less than 0.1% of all versions) |
Common Weakness Enumeration
CWE-288 Authentication Bypass Using an Alternate Path or ChannelDetails
- Published - Jul 22, 2025
- Updated - Jul 22, 2025
Credits
- Kenneth Dunn (finder)
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2025-7692 United States | 15 websites |
 India | 7 websites |
 Denmark | 3 websites |
 Germany | 2 websites |
 Israel | 2 websites |
 Netherlands | 2 websites |
 Cyprus | 1 websites |
 France | 1 websites |
 GB | 1 websites |
 Iceland | 1 websites |
Website Distribution by TLD
Number of websites using CVE-2025-7692| .com | 24 websites |
| .com.au | 1 websites |
| .fr | 1 websites |
| .io | 1 websites |
| .it | 1 websites |
| .net | 1 websites |
| .nl | 1 websites |
Websites affected by CVE-2025-7692
Top websites that are affected by CVE-2025-7692. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ******.com | United States | *,***,*** | |
| *********.it |  Italy | *,***,*** | |
| ************.com | India | *,***,*** | |
| *************.com | United States | *,***,*** | |
| ************.com | United States | *,***,*** | |
| *************.com | Israel | *,***,*** | |
| *********.design | Netherlands | **,***,*** | |
| **************.com | United States | **,***,*** | |
| ************.fr | France | **,***,*** | |
| **.*********.**.il | Israel | **,***,*** |
FAQ
CVE-2025-7692 is Authentication Bypass Using an Alternate Path or Channel in Orion Login With Sms
A total of 38 websites have been identified as vulnerable to CVE-2025-7692, based on global website indexing conducted by WebTechSurvey.
The Orion Login With Sms is affected by the CVE-2025-7692 vulnerability.
Orion Login With Sms versions up to and including 1.0.5 are vulnerable to CVE-2025-7692.