3 matches found
CVE-2025-60954
Microweber CMS 2.0 has Weak Password Requirements. The application does not enforce minimum password length or complexity during password resets. Users can set extremely weak passwords, including single-character passwords, which can lead to account compromise, including administrative accounts...
CVE-2025-60954
Microweber CMS 2.0 has Weak Password Requirements. The application does not enforce minimum password length or complexity during password resets. Users can set extremely weak passwords, including single-character passwords, which can lead to account compromise, including administrative accounts...
CVE-2025-60954
CVE-2025-60954 affects Microweber CMS 2.0, where the password reset flow enforces no minimum length or complexity, allowing extremely weak (even single-character) passwords and risking account compromise, including admin accounts. The vulnerability surface is the password reset process in Microwe...