One Time Password Project One Time Password — known CVE vulnerabilities
Every CVE whose affected-product data names One Time Password Project One Time Password, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2025-48010 — CVSS 4.8 (medium): Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal One Time Password allows Functionality Bypass.This issue…
CVE-2025-48011 — CVSS 4.8 (medium): Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal One Time Password allows Functionality Bypass.This issue…
CVE-2025-48012 — CVSS 4.8 (medium): Authentication Bypass by Capture-replay vulnerability in Drupal One Time Password allows Remote Services with Stolen Credentials.This issue…