CVE-2024-5868

Name of the Vulnerable Software and Affected Versions: WooCommerce - Social Login plugin for WordPress versions up to, and including, 2.6.2

Description: The issue allows unauthenticated attackers to bypass email verification due to the use of insufficiently random activation codes. This enables attackers to exploit the system without proper authentication.

Recommendations: For versions up to, and including, 2.6.2, update to a version higher than 2.6.2 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.