Skip to main content

Simple Jwt Login Allows You To Use Jwt On Rest Endpoints

1 CVEs product

Monthly

CVE-2026-14262 HIGH This Week

Privilege escalation in the Simple JWT Login WordPress plugin (all versions through 3.6.6) lets an authenticated subscriber-level user forge an Administrator session by injecting arbitrary identity claims into the JWT payload. Because AuthenticateService::generatePayload() only overwrites payload keys that appear in the admin-configured jwt_payload allowlist, attacker-supplied claims such as email, id, or username survive and are signed with the site's HS256 secret; the token is then redeemed at /autologin to log in as any administrator. Reported by Wordfence with no public exploit identified at time of analysis and no CISA KEV listing.

Privilege Escalation WordPress Authentication Bypass Simple Jwt Login Allows You To Use Jwt On Rest Endpoints
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
EPSS 0% CVSS 8.8
HIGH This Week

Privilege escalation in the Simple JWT Login WordPress plugin (all versions through 3.6.6) lets an authenticated subscriber-level user forge an Administrator session by injecting arbitrary identity claims into the JWT payload. Because AuthenticateService::generatePayload() only overwrites payload keys that appear in the admin-configured jwt_payload allowlist, attacker-supplied claims such as email, id, or username survive and are signed with the site's HS256 secret; the token is then redeemed at /autologin to log in as any administrator. Reported by Wordfence with no public exploit identified at time of analysis and no CISA KEV listing.

Privilege Escalation WordPress Authentication Bypass +1
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy