PT-2026-36312 · WordPress · Temporary Login

Published: 2026-05-01 · Updated: 2026-05-01 · CVE-2026-7567

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Temporary Login plugin for WordPress versions prior to 1.0.1

Description

An authentication bypass exists due to improper input validation in the maybe_login_temporary_user() function. The function fails to verify that the temp-login-token GET parameter is a scalar string. If this parameter is provided as an array, the empty() check is bypassed and sanitize_key() returns an empty string. This empty string is then used as the meta_value in the get_users() function. Since WordPress ignores an empty meta_value, it returns all users associated with the temporary login token meta key, allowing an unauthenticated attacker to authenticate as any active temporary login user via a crafted GET request.

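The type confusion described above, shown beside a hardened check. This is an added example, not the plugin's code: the example_* functions and the sample inputs are hypothetical, and the sanitize_key() stand-in only mirrors WordPress behaviour so the file runs outside WordPress.

```php
<?php
// Added example; not code from the Temporary Login plugin.

// Stand-in for WordPress sanitize_key(): non-scalar input yields '',
// scalars are lowercased and reduced to [a-z0-9_-].
if (!function_exists('sanitize_key')) {
    function sanitize_key($key) {
        return is_scalar($key)
            ? preg_replace('/[^a-z0-9_\-]/', '', strtolower((string) $key))
            : '';
    }
}

// Flawed pattern from the description: empty() is the only gate.
// A non-empty array is not "empty", so it reaches sanitize_key().
function example_token_unchecked(array $get): ?string {
    if (empty($get['temp-login-token'])) {
        return null;
    }
    return sanitize_key($get['temp-login-token']);
}

// Hardened: accept only a string, and refuse an empty result after
// sanitizing, so an empty meta_value is never passed to get_users().
function example_token_checked(array $get): ?string {
    $raw = $get['temp-login-token'] ?? null;
    if (!is_string($raw)) {
        return null;
    }
    $token = sanitize_key($raw);
    return $token === '' ? null : $token;
}

// Constructed inputs standing in for $_GET.
$cases = [
    'absent' => [],
    'string' => ['temp-login-token' => 'Abc123'],
    'array'  => ['temp-login-token' => ['x']],
];
foreach ($cases as $label => $get) {
    printf("%-6s unchecked=%s checked=%s\n", $label,
        var_export(example_token_unchecked($get), true),
        var_export(example_token_checked($get), true));
}
```

A null return means the request carries no usable token and the user lookup must be skipped entirely.
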
Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Authentication Bypass Using an Alternate Path or Channel

Related Identifiers

CVE-2026-7567

Affected Products

Temporary Login