exploitDog

GHSA-vr5w-fmp9-m564

Опубликовано: 21 мая 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

The DIGITS: WordPress Mobile Number Signup and Login WordPress plugin before 8.4.6.1 does not rate limit OTP validation attempts, making it straightforward for attackers to bruteforce them.

The DIGITS: WordPress Mobile Number Signup and Login WordPress plugin before 8.4.6.1 does not rate limit OTP validation attempts, making it straightforward for attackers to bruteforce them.

Ссылки

EPSS

Процентиль: 84%

0.02089

Низкий

9.8 Critical

CVSS3

CVE ID

Связанные уязвимости

CVE-2025-4094

CVSS3: 9.8

nvd

9 месяцев назад

The DIGITS: WordPress Mobile Number Signup and Login WordPress plugin before 8.4.6.1 does not rate limit OTP validation attempts, making it straightforward for attackers to bruteforce them.

EPSS

Процентиль: 84%

0.02089

Низкий

9.8 Critical

CVSS3

CVE ID