CVE-2025-5305
Password Reset with Code < 0.0.17 - Insecure Password Reset Code Creation
The Password Reset with Code for WordPress REST API WordPress plugin before 0.0.17 does not use cryptographically sound algorithms to generate OTP codes, potentially leading to account takeovers.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Unknown · Password Reset with Code for WordPress REST API¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →