CVE-2025-4607
The PSW Front-end Login & Registration plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.12 via the customerregistration function. This is due to the use of a weak, low-entropy OTP mechanism in the forget function. This makes it possible for...