Lucene search
K

8 matches found

NVD
NVD
added 6 days ago11 views

CVE-2026-9701

The Eventer plugin for WordPress is vulnerable to an insecure password reset mechanism in all versions up to, and including, 4.4.2. The plugin stores a plaintext copy of the password reset key in the eventerverificationcode user meta field when a user requests a password reset. The plaintext key...

9.8CVSS0.00267EPSS
Exploits0References2
CVE
CVE
added 6 days ago14 views

CVE-2026-9701

The CVE-2026-9701 entry concerns the WordPress Eventer plugin (up to version 4.4.2) with an insecure password reset mechanism. The root cause is that the plugin stores a plaintext password reset key in the eventer_verification_code (wp_usermeta) when a reset is requested, allowing an attacker to ...

9.8CVSS6AI score0.00267EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago9 views

EUVD-2026-42163

The Eventer plugin for WordPress is vulnerable to an insecure password reset mechanism in all versions up to, and including, 4.4.2. The plugin stores a plaintext copy of the password reset key in the eventerverificationcode user meta field when a user requests a password reset. The plaintext key...

9.8CVSS6AI score0.00267EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago40 views

CVE-2026-9701 Eventer <= 4.4.2 - Insecure Password Reset Mechanism to Unauthenticated Privilege Escalation

The Eventer plugin for WordPress is vulnerable to an insecure password reset mechanism in all versions up to, and including, 4.4.2. The plugin stores a plaintext copy of the password reset key in the eventerverificationcode user meta field when a user requests a password reset. The plaintext key...

9.8CVSS0.00267EPSS
Exploits0References2
NVD
NVD
added 2026/06/02 8:16 p.m.18 views

CVE-2026-5076

The ARMember Premium plugin for WordPress is vulnerable to an insecure password reset mechanism in all versions up to, and including, 7.3.1. The plugin stores a plaintext copy of the password reset key in the armresetpasswordkey user meta field when a user requests a password reset. This is in...

9.8CVSS0.00419EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2026/06/02 6:30 p.m.14 views

CVE-2026-5076 ARMember Premium <= 7.3.1 - Insecure Password Reset Mechanism to Unauthenticated Privilege Escalation

The ARMember Premium plugin for WordPress is vulnerable to an insecure password reset mechanism in all versions up to, and including, 7.3.1. The plugin stores a plaintext copy of the password reset key in the armresetpasswordkey user meta field when a user requests a password reset. This is in...

9.8CVSS5.9AI score0.00419EPSS
Exploits3References2
CVE
CVE
added 2026/06/02 6:30 p.m.38 views

CVE-2026-5076

CVE-2026-5076 concerns ARMember Premium for WordPress (

9.8CVSS5.9AI score0.00419EPSS
Exploits3References2
Cvelist
Cvelist
added 2026/06/02 6:30 p.m.33 views

CVE-2026-5076 ARMember Premium <= 7.3.1 - Insecure Password Reset Mechanism to Unauthenticated Privilege Escalation

The ARMember Premium plugin for WordPress is vulnerable to an insecure password reset mechanism in all versions up to, and including, 7.3.1. The plugin stores a plaintext copy of the password reset key in the armresetpasswordkey user meta field when a user requests a password reset. This is in...

9.8CVSS0.00419EPSS
Exploits3References2
Rows per page
Query Builder