Описание
The Password Reset with Code for WordPress REST API WordPress plugin before 0.0.17 does not use cryptographically sound algorithms to generate OTP codes, potentially leading to account takeovers.
EPSS
Процентиль: 7%
0.00027
Низкий
9.8 Critical
CVSS3
Дефекты
Связанные уязвимости
CVSS3: 9.8
github
5 месяцев назад
The Password Reset with Code for WordPress REST API WordPress plugin before 0.0.17 does not use cryptographically sound algorithms to generate OTP codes, potentially leading to account takeovers.
EPSS
Процентиль: 7%
0.00027
Низкий
9.8 Critical
CVSS3