CVE-2025-14975
CVE-2025-14975 affects the WordPress plugin Custom Login Page Customizer (versions before 2.5.4). The vulnerability arises from an improper password reset process that allows unauthenticated requests to reset a user’s password by knowing the username (e.g., administrator), enabling account compro...