CVE-2025-14440
Authentication Bypass in JAY Login & Register WordPress Plugin

Publication date: 2025-12-13

Last updated on: 2026-04-08

Assigner: Wordfence

Description
The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jay_login_register_process_switch_back' function with the 'jay_login_register_process_switch_back' cookie value. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id.
Meta Information
Published: 2025-12-13
Last Modified: 2026-04-08
Generated: 2026-05-07
AI Q&A: 2025-12-13
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 1 associated CPE
Vendor    | Product            | Version / Range
wordpress | jay_login_register | 2.4.01
CWE ID  | Description
CWE-565 | The product relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user.
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection can focus on HTTP requests that carry parameters of the user switching feature in the jay-login-register plugin. Specifically, look for requests containing 'action=jay_login_register_switch_to' or 'action=jay_login_register_switch_back' with user_id or nonce parameters. Network or web server logs can be searched for these patterns with a command such as grep, for example:

grep -E 'action=jay_login_register_switch_(to|back)' /var/log/apache2/access.log

Inspecting the cookies in HTTP requests for 'jay_login_register_switched_from_user' can also help, since the presence of that cookie may indicate exploitation attempts. [2]
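The log search described in this answer, as an added example (not code from the plugin or from this page's source): it parses combined-format access log lines, percent-decodes the query string so encoded action names are not missed by a literal match, and groups hits by client. The function names, the sample log lines and the assumption that the Cookie header may be appended to the log line are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs, unquote

# Action and cookie names are the ones quoted in the answer above.
SWITCH_ACTIONS = {"jay_login_register_switch_to", "jay_login_register_switch_back"}
SWITCH_COOKIE = "jay_login_register_switched_from_user"
# Combined log format prefix: client, timestamp, request line, status.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)

def find_switch_requests(lines):
    """Return one dict per log line that touches the user-switching feature."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        # parse_qs percent-decodes, so action=jay%5Flogin... is caught too.
        query = parse_qs(urlsplit(m["target"]).query, keep_blank_values=True)
        reasons = [f"action={a}" for a in query.get("action", []) if a in SWITCH_ACTIONS]
        # Assumption: only visible if the log format records the Cookie header.
        if SWITCH_COOKIE in unquote(line):
            reasons.append("cookie present")
        if reasons:
            hits.append({"ip": m["ip"], "ts": m["ts"], "status": int(m["status"]),
                         "user_id": query.get("user_id", [None])[0], "reasons": reasons})
    return hits

def summarize_by_client(hits):
    """Group hits per client IP so repeated requests from one source stand out."""
    by_ip = defaultdict(list)
    for h in hits:
        by_ip[h["ip"]].append(h)
    return dict(by_ip)

# Constructed sample lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [13/Dec/2025:10:01:02 +0000] "GET /wp-admin/?action=jay_login_register_switch_back&nonce=abc HTTP/1.1" 302 0 "-" "curl/8.5"',
    '203.0.113.7 - - [13/Dec/2025:10:01:09 +0000] "GET /?action=jay%5Flogin%5Fregister%5Fswitch%5Fto&user_id=2 HTTP/1.1" 200 512 "-" "curl/8.5"',
    '198.51.100.4 - - [13/Dec/2025:10:02:00 +0000] "GET /blog/?action=view HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
    '192.0.2.9 - - [13/Dec/2025:10:03:00 +0000] "GET / HTTP/1.1" 200 900 "-" "Mozilla/5.0" "jay_login_register_switched_from_user=REDACTED"',
]

if __name__ == "__main__":
    for ip, items in summarize_by_client(find_switch_requests(SAMPLE_LOG)).items():
        print(ip, [(h["ts"], h["reasons"]) for h in items])
```

Default access log formats record neither cookies nor POST bodies, so the cookie check only fires when the log format has been extended to include the Cookie header, and parameters sent in a request body will not appear in these logs at all.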


Can you explain this vulnerability to me?

The vulnerability in the JAY Login & Register plugin for WordPress allows unauthenticated attackers to bypass authentication due to incorrect checking in the 'jay_login_register_process_switch_back' function related to the 'jay_login_register_process_switch_back' cookie. This flaw enables attackers to log in as any existing user, including administrators, if they know the user ID.


How can this vulnerability impact me?

This vulnerability can have a severe impact as it allows attackers to gain unauthorized access to user accounts, including administrator accounts. This can lead to full site compromise, data theft, unauthorized changes, and potential disruption of services.


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include updating the jay-login-register WordPress plugin to a version later than 2.4.01 where the vulnerability is fixed. If an update is not immediately available, disable or remove the plugin to prevent exploitation. Additionally, restrict access to the WordPress admin area and monitor user accounts for unauthorized access. Review and tighten permissions for users with 'edit_users' capability. Implement web application firewall (WAF) rules to block requests containing suspicious parameters related to user switching actions. [2]


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

This vulnerability allows unauthenticated attackers to log in as any existing user, including administrators, which can lead to unauthorized access to sensitive data. Such unauthorized access could result in violations of data protection regulations like GDPR and HIPAA, which require strict controls over user authentication and data access. Therefore, exploitation of this vulnerability could negatively impact compliance with these standards by compromising confidentiality, integrity, and availability of protected data. [2]

