CVE-2025-14440
Authentication Bypass in JAY Login & Register WordPress Plugin

Publication date: 2025-12-13

Last updated on: 2026-04-08

Assigner: Wordfence

Description
The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jay_login_register_process_switch_back' function with the 'jay_login_register_process_switch_back' cookie value. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, provided they know that user's ID.
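The description above says the switch-back routine trusts a cookie value when deciding which account the request becomes. The following is an added illustration of that weakness class (CWE-565), not the plugin's code: the vulnerable form logs the client in as whatever user ID the cookie names, and the hardened form accepts the cookie only when it carries a server-side HMAC over (original user, current user, expiry) and is presented by the session it was minted for. It is written in Python rather than the plugin's PHP so that it runs stand-alone; the user table, the secret, the cookie name 'switched_from' and all function names are assumptions for the example.

```python
import hashlib
import hmac
import secrets
import time

# Constructed user table and per-site secret for this illustration only.
USERS = {1: "admin", 7: "editor", 42: "subscriber"}
SERVER_SECRET = secrets.token_bytes(32)  # assumed: a server-side secret the client never sees


class Session:
    """Minimal stand-in for a browser session: who it currently is, and what cookies it sends."""

    def __init__(self, user_id=None, cookies=None):
        self.user_id = user_id
        self.cookies = dict(cookies or {})


def vulnerable_switch_back(session):
    """CWE-565 pattern: the cookie value alone decides which account the request becomes.

    Any client that sets the cookie to an existing user ID is logged in as that user;
    nothing proves the client was ever switched away from that account.
    """
    raw = session.cookies.get("switched_from")
    if raw is None or not raw.isdigit():
        return False
    uid = int(raw)
    if uid not in USERS:
        return False
    session.user_id = uid
    return True


def issue_switch_cookie(session, original_uid, target_uid, now=None, ttl=3600):
    """Server-side step of a legitimate switch: bind original, target and expiry under an HMAC."""
    exp = (now if now is not None else int(time.time())) + ttl
    payload = f"{original_uid}|{target_uid}|{exp}"
    mac = hmac.new(SERVER_SECRET, payload.encode(), hashlib.sha256).hexdigest()
    session.cookies["switched_from"] = f"{payload}|{mac}"
    session.user_id = target_uid


def hardened_switch_back(session, now=None):
    """Accept the cookie only if it is authentic, unexpired and bound to this session's current user."""
    raw = session.cookies.get("switched_from")
    if raw is None:
        return False
    parts = raw.split("|")
    if len(parts) != 4:
        return False
    try:
        orig, target, exp = (int(p) for p in parts[:3])
    except ValueError:
        return False
    payload = f"{orig}|{target}|{exp}"
    expected = hmac.new(SERVER_SECRET, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(parts[3], expected):
        return False  # forged or tampered
    if (now if now is not None else int(time.time())) > exp:
        return False  # stale
    if session.user_id != target:
        return False  # minted for a different session: replay or cross-user use
    if orig not in USERS:
        return False
    session.user_id = orig
    session.cookies.pop("switched_from", None)
    return True


def demo():
    """Run the forged-cookie attack against both versions, plus legitimate, replayed, tampered and expired cookies against the hardened one."""
    forged = {"switched_from": "1"}  # attacker guesses the administrator's user ID
    v = Session(cookies=forged)
    vuln_result = vulnerable_switch_back(v)
    hard_result = hardened_switch_back(Session(cookies=forged))

    legit = Session(user_id=1)
    issue_switch_cookie(legit, original_uid=1, target_uid=7, now=1_000)
    stolen = dict(legit.cookies)  # copy before the legitimate switch back clears it
    legit_back = hardened_switch_back(legit, now=1_500)
    replay = hardened_switch_back(Session(cookies=stolen), now=1_500)
    tampered = {"switched_from": stolen["switched_from"].replace("1|7|", "42|7|", 1)}
    tamper = hardened_switch_back(Session(user_id=7, cookies=tampered), now=1_500)
    expired = hardened_switch_back(Session(user_id=7, cookies=stolen), now=10_000)
    return {
        "vulnerable_logged_in_as": v.user_id if vuln_result else None,
        "hardened_forged_accepted": hard_result,
        "hardened_legit_back_to": legit.user_id if legit_back else None,
        "hardened_replay_accepted": replay,
        "hardened_tampered_accepted": tamper,
        "hardened_expired_accepted": expired,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The binding to the session's current user is the check that matters most here: a signed cookie alone would still be replayable by anyone who captured it, so the server must also confirm that the presenting session is the one that was switched.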
Meta Information
Generated: 2026-06-16
AI Q&A: 2025-12-13
EPSS Evaluated: 2026-06-14
Affected Vendors & Products
Vendor: wordpress
Product: jay_login_register
Version / Range: 2.4.01 (1 associated CPE; affected up to and including this version)
CWE ID: CWE-565
Description: The product relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user.
AI Quick Actions
Detection Guidance

Detection can focus on HTTP requests that exercise the user-switching feature of the jay-login-register plugin. Look for requests whose query string or body carries 'action=jay_login_register_switch_to' or 'action=jay_login_register_switch_back', typically together with a user_id or nonce parameter, and for requests that present the 'jay_login_register_switched_from_user' cookie. Web server or proxy logs can be searched for these patterns, for example: grep -E 'action=jay_login_register_switch_(to|back)' /var/log/apache2/access.log. Note that the default Apache combined log format records only the request line, so an action sent in a POST body will not appear there, and request cookies are logged only if the LogFormat includes %{Cookie}i; where that is not the case, inspect requests at the WAF or reverse proxy instead. [2]
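The grep above only catches the action name in a query string. The following is an added example, not part of this page's guidance, that applies the same indicators (the action values and cookie name named above, taken from this page and not verified against the plugin's source) to Apache combined-format log lines, including the optional trailing cookie field that %{Cookie}i adds. The log lines are constructed for the example; every match returns the client IP, timestamp, method, target and any user_id seen, so the output can feed a ticket or a SIEM rule.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Indicators named in the detection guidance above (from the page; not verified against
# the plugin's source).
SWITCH_ACTIONS = {"jay_login_register_switch_to", "jay_login_register_switch_back"}
SWITCH_COOKIE = "jay_login_register_switched_from_user"

# Apache "combined" format, optionally followed by one more quoted field holding the
# request's Cookie header (what the line gains when "%{Cookie}i" is appended to LogFormat).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"(?: "(?P<cookie>[^"]*)")?$'
)

# Constructed sample lines: a switch_to naming a guessed admin user ID, a follow-up request
# presenting the switched-from cookie (visible only because %{Cookie}i is logged), an
# ordinary login, and a switch_back sent as a POST with the action in the query string.
SAMPLE_LOG = [
    '203.0.113.5 - - [13/Dec/2025:10:01:02 +0000] "GET /?action=jay_login_register_switch_to&user_id=1 HTTP/1.1" 302 0 "-" "curl/8.4.0"',
    '203.0.113.5 - - [13/Dec/2025:10:01:03 +0000] "GET /wp-admin/ HTTP/1.1" 200 5120 "-" "curl/8.4.0" "wordpress_logged_in_x=admin%7C1; jay_login_register_switched_from_user=1"',
    '198.51.100.7 - - [13/Dec/2025:10:02:00 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "https://example.org/wp-login.php" "Mozilla/5.0"',
    '203.0.113.5 - - [13/Dec/2025:10:03:00 +0000] "POST /?action=jay_login_register_switch_back HTTP/1.1" 302 0 "-" "curl/8.4.0"',
]


def parse_cookies(header):
    """Split a Cookie header into a dict; malformed fragments are ignored."""
    jar = {}
    for part in header.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            jar[key.strip()] = value.strip()
    return jar


def classify(line):
    """Return a finding dict if the line carries a switching indicator, else None."""
    match = LOG_RE.match(line)
    if not match:
        return None  # not combined format; a different parser is needed
    target = match.group("target")
    query = parse_qs(urlsplit(target).query)
    actions = sorted(set(query.get("action", [])) & SWITCH_ACTIONS)
    cookies = parse_cookies(match.group("cookie") or "")
    indicators = [f"action={a}" for a in actions]
    if SWITCH_COOKIE in cookies:
        indicators.append(f"cookie:{SWITCH_COOKIE}={cookies[SWITCH_COOKIE]}")
    if not indicators:
        return None
    return {
        "ip": match.group("ip"),
        "time": match.group("ts"),
        "method": match.group("method"),
        "target": target,
        "user_id": query.get("user_id", [None])[0],
        "indicators": indicators,
    }


def scan_access_log(lines):
    """Scan an iterable of log lines and return every finding in order."""
    return [finding for finding in (classify(line) for line in lines) if finding]


if __name__ == "__main__":
    for finding in scan_access_log(SAMPLE_LOG):
        print(finding)
```

Because the action is often submitted in a POST body, a line like the fourth one will only be flagged when the action reached the query string; an access log without %{Cookie}i and without body logging will show nothing for a body-only request, which is why the guidance also points at the WAF or reverse proxy.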

Executive Summary

The vulnerability in the JAY Login & Register plugin for WordPress allows unauthenticated attackers to bypass authentication due to incorrect checking in the 'jay_login_register_process_switch_back' function related to the 'jay_login_register_process_switch_back' cookie. This flaw enables attackers to log in as any existing user, including administrators, if they know the user ID.

Impact Analysis

This vulnerability can have a severe impact as it allows attackers to gain unauthorized access to user accounts, including administrator accounts. This can lead to full site compromise, data theft, unauthorized changes, and potential disruption of services.

Mitigation Strategies

Immediate mitigation is to update the jay-login-register WordPress plugin to a patched release (later than 2.4.01) as soon as the vendor publishes one. Until that update is applied, disable or remove the plugin to prevent exploitation. Additionally, restrict access to the WordPress admin area, audit accounts and active sessions for unauthorized access, and review users holding the 'edit_users' capability. Where a web application firewall (WAF) is available, add rules that block requests containing the user-switching action parameters described under Detection Guidance. [2]

Compliance Impact

This vulnerability allows unauthenticated attackers to log in as any existing user, including administrators, which can lead to unauthorized access to sensitive data. Such unauthorized access could result in violations of data protection regulations like GDPR and HIPAA, which require strict controls over user authentication and data access. Therefore, exploitation of this vulnerability could negatively impact compliance with these standards by compromising confidentiality, integrity, and availability of protected data. [2]
