3 matches found
CVE-2020-28642
In InfiniteWP Admin Panel before 3.1.12.3, resetPasswordSendMail generates a weak password-reset code, which makes it easier for remote attackers to conduct admin Account Takeover attacks...
CVE-2020-28642
CVE-2020-28642 affects InfiniteWP Admin Panel prior to 3.1.12.3. The vulnerability stems from resetPasswordSendMail generating a weak password-reset code, enabling remote attackers to perform admin account takeover. The connected sources (NVD, Red Hat advisory, PRION, CVE lists) consistently desc...
CVE-2020-28642
In InfiniteWP Admin Panel before 3.1.12.3, resetPasswordSendMail generates a weak password-reset code, which makes it easier for remote attackers to conduct admin Account Takeover attacks...