{"api_version":"1","generated_at":"2026-04-22T04:15:00+00:00","cve":"CVE-2023-2706","urls":{"html":"https://cve.report/CVE-2023-2706","api":"https://cve.report/api/cve/CVE-2023-2706.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-2706","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-2706"},"summary":{"title":"OTP Login Woocommerce & Gravity Forms <= 2.2 - Authentication Bypass to Privilege Escalation","description":"The OTP Login Woocommerce & Gravity Forms plugin for WordPress is vulnerable to authentication bypass. This is due to the fact that when generating OTP codes for users to use in order to login via phone number, the plugin returns these codes in an AJAX response. This makes it possible for unauthenticated attackers to obtain login codes for administrators. This does require an attacker have access to the phone number configured for an account, which can be obtained via social engineering or reconnaissance.","state":"PUBLISHED","assigner":"Wordfence","published_at":"2023-05-17 02:15:11","updated_at":"2026-04-08 19:18:18"},"problem_types":["CWE-287","CWE-287 CWE-287 Improper Authentication"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"8.1","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"security@wordfence.com","type":"Secondary","score":"8.1","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"DECLARED","score":"8.1","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","data":{"baseScore":8.1,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/mobile-login-woocommerce/tags/2.2/includes/class-xoo-ml-verification.php#L362","name":"https://plugins.trac.wordpress.org/browser/mobile-login-woocommerce/tags/2.2/includes/class-xoo-ml-verification.php#L362","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"],"title":"403 Forbidden","mime":"text/html","httpstatus":"403","archivestatus":"404"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2912731%40mobile-login-woocommerce&new=2912731%40mobile-login-woocommerce&sfp_email=&sfph_mail=","name":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2912731%40mobile-login-woocommerce&new=2912731%40mobile-login-woocommerce&sfp_email=&sfph_mail=","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"403 Forbidden","mime":"text/html","httpstatus":"403","archivestatus":"404"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b1b7b653-496f-467a-9513-4be1891f38ae?source=cve","name":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b1b7b653-496f-467a-9513-4be1891f38ae?source=cve","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"OTP Login Woocommerce & Gravity Forms <= 2.2 - Authentication Bypass to Privilege Escalation","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lana.codes/lanavdb/87b5e80e-fd5b-47c3-bf82-088bdf4573b5/","name":"https://lana.codes/lanavdb/87b5e80e-fd5b-47c3-bf82-088bdf4573b5/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"OTP Login/Signup Woocommerce by XootiX WordPress plugin Authentication Bypass – Lana Codes","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-2706","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2706","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"xootix","product":"OTP Login & Register Woocommerce","version":"affected 2.2 semver","platforms":[]}],"timeline":[{"source":"CNA","time":"2023-05-14T00:00:00.000Z","lang":"en","value":"Discovered"},{"source":"CNA","time":"2023-05-15T00:00:00.000Z","lang":"en","value":"Vendor Notified"},{"source":"CNA","time":"2023-05-16T00:00:00.000Z","lang":"en","value":"Disclosed"}],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"CNA","value":"István Márton","lang":"en"}],"nvd_cpes":[{"cve_year":"2023","cve_id":"2706","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xootix","cpe5":"otp_login_woocommerce_\\&_gravity_forms","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"wordpress","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2023","cve_id":"2706","cve":"CVE-2023-2706","epss":"0.016650000","percentile":"0.820840000","score_date":"2026-04-09","updated_at":"2026-04-10 00:07:03"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-02T06:33:04.558Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_transferred"],"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b1b7b653-496f-467a-9513-4be1891f38ae?source=cve"},{"tags":["x_transferred"],"url":"https://plugins.trac.wordpress.org/browser/mobile-login-woocommerce/tags/2.2/includes/class-xoo-ml-verification.php#L362"},{"tags":["x_transferred"],"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2912731%40mobile-login-woocommerce&new=2912731%40mobile-login-woocommerce&sfp_email=&sfph_mail="},{"tags":["x_transferred"],"url":"https://lana.codes/lanavdb/87b5e80e-fd5b-47c3-bf82-088bdf4573b5/"}],"title":"CVE Program Container"},{"metrics":[{"other":{"content":{"id":"CVE-2023-2706","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2025-01-13T16:19:34.330309Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2025-01-13T16:49:33.542Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unaffected","product":"OTP Login & Register Woocommerce","vendor":"xootix","versions":[{"lessThanOrEqual":"2.2","status":"affected","version":"0","versionType":"semver"}]}],"credits":[{"lang":"en","type":"finder","value":"István Márton"}],"descriptions":[{"lang":"en","value":"The OTP Login Woocommerce & Gravity Forms plugin for WordPress is vulnerable to authentication bypass. This is due to the fact that when generating OTP codes for users to use in order to login via phone number, the plugin returns these codes in an AJAX response. This makes it possible for unauthenticated attackers to obtain login codes for administrators. This does require an attacker have access to the phone number configured for an account, which can be obtained via social engineering or reconnaissance."}],"metrics":[{"cvssV3_1":{"baseScore":8.1,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-287","description":"CWE-287 Improper Authentication","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-04-08T17:16:17.788Z","orgId":"b15e7b5b-3da4-40ae-a43c-f7aa60e62599","shortName":"Wordfence"},"references":[{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b1b7b653-496f-467a-9513-4be1891f38ae?source=cve"},{"url":"https://plugins.trac.wordpress.org/browser/mobile-login-woocommerce/tags/2.2/includes/class-xoo-ml-verification.php#L362"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2912731%40mobile-login-woocommerce&new=2912731%40mobile-login-woocommerce&sfp_email=&sfph_mail="},{"url":"https://lana.codes/lanavdb/87b5e80e-fd5b-47c3-bf82-088bdf4573b5/"}],"timeline":[{"lang":"en","time":"2023-05-14T00:00:00.000Z","value":"Discovered"},{"lang":"en","time":"2023-05-15T00:00:00.000Z","value":"Vendor Notified"},{"lang":"en","time":"2023-05-16T00:00:00.000Z","value":"Disclosed"}],"title":"OTP Login Woocommerce & Gravity Forms <= 2.2 - Authentication Bypass to Privilege Escalation"}},"cveMetadata":{"assignerOrgId":"b15e7b5b-3da4-40ae-a43c-f7aa60e62599","assignerShortName":"Wordfence","cveId":"CVE-2023-2706","datePublished":"2023-05-17T01:58:49.447Z","dateReserved":"2023-05-15T12:23:20.740Z","dateUpdated":"2026-04-08T17:16:17.788Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2023-05-17 02:15:11","lastModifiedDate":"2026-04-08 19:18:18","problem_types":["CWE-287","CWE-287 CWE-287 Improper Authentication"],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:xootix:otp_login_woocommerce_\\&_gravity_forms:*:*:*:*:*:wordpress:*:*","versionEndExcluding":"2.3","matchCriteriaId":"308AA8BB-2B81-4B17-8282-42AB15C1643A"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2023","CveId":"2706","Ordinal":"1","Title":"OTP Login Woocommerce & Gravity Forms <= 2.2 - Authentication By","CVE":"CVE-2023-2706","Year":"2023"},"notes":[{"CveYear":"2023","CveId":"2706","Ordinal":"1","NoteData":"The OTP Login Woocommerce & Gravity Forms plugin for WordPress is vulnerable to authentication bypass. This is due to the fact that when generating OTP codes for users to use in order to login via phone number, the plugin returns these codes in an AJAX response. This makes it possible for unauthenticated attackers to obtain login codes for administrators. This does require an attacker have access to the phone number configured for an account, which can be obtained via social engineering or reconnaissance.","Type":"Description","Title":"OTP Login Woocommerce & Gravity Forms <= 2.2 - Authentication By"}]}}}