AI Score
Confidence
High
EPSS
Percentile
85.4%
WordPress before 4.4 makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach.
packetstormsecurity.com/files/130380/WordPress-Failed-Randomness.html
seclists.org/fulldisclosure/2015/Feb/42
seclists.org/fulldisclosure/2015/Feb/53
www.securityfocus.com/bid/72589
www.securitytracker.com/id/1031749
bugzilla.redhat.com/show_bug.cgi?id=1192474
core.trac.wordpress.org/ticket/28633