⚠️ CVE-2026-2628: CRITICAL auth bypass in All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login plugin (≤2.2.5). Attackers can access WP admin accounts with no credentials. Disable plugin or restrict logins until patched! https://radar.offseq.com/threat/cve-2026-2628-cwe-288-authentication-bypass-using--3ce6682b #OffSeq #WordPress #AzureAD