Vulnerabilities > Miniorange > OTP Verification With Firebase
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-17 | CVE-2024-9861 | Missing Authentication for Critical Function vulnerability in Miniorange OTP Verification With Firebase The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.6.0. | 8.1 |
| 2024-10-17 | CVE-2024-9862 | Authorization Bypass Through User-Controlled Key vulnerability in Miniorange OTP Verification With Firebase The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 3.6.0. | 9.8 |