Lucene search
K

4 matches found

NVD
NVD
added 2024/06/11 4:15 a.m.24 views

CVE-2023-7264

The Build App Online plugin for WordPress is vulnerable to account takeover due to a weak password reset mechanism in all versions up to, and including, 1.0.22. This makes it possible for unauthenticated attackers to reset the password of arbitrary users by guessing an 4-digit numeric reset code...

9.8CVSS0.00621EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/06/11 3:16 a.m.16 views

CVE-2023-7264 Build App Online <= 1.0.22 - Account Takeover via Weak Password Reset Mechanism

The Build App Online plugin for WordPress is vulnerable to account takeover due to a weak password reset mechanism in all versions up to, and including, 1.0.22. This makes it possible for unauthenticated attackers to reset the password of arbitrary users by guessing an 4-digit numeric reset code...

8.1CVSS6AI score0.00621EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/06/11 3:16 a.m.25 views

CVE-2023-7264 Build App Online <= 1.0.22 - Account Takeover via Weak Password Reset Mechanism

The Build App Online plugin for WordPress is vulnerable to account takeover due to a weak password reset mechanism in all versions up to, and including, 1.0.22. This makes it possible for unauthenticated attackers to reset the password of arbitrary users by guessing an 4-digit numeric reset code...

8.1CVSS0.00621EPSS
Exploits0References4
CVE
CVE
added 2024/06/11 3:16 a.m.64 views

CVE-2023-7264

The Build App Online plugin for WordPress (all versions up to 1.0.21) is vulnerable due to a weak password reset mechanism. An unauthenticated attacker can reset arbitrary user passwords by guessing a 4‑digit numeric reset code, enabling account takeover with high impact (C/H/I/A). The connected ...

9.8CVSS6AI score0.00621EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder