CVE-2023-4214

The AppPresser plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 4.2.5. This is due to the plugin generating too weak a reset code, and the code used to reset the password has no attempt or time limit...

CVE-2024-6125

The Login with phone number plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 1.7.34. This is due to the plugin generating too weak a reset code, and the code used to reset the password has no attempt or time limit. This makes it possible for...

CVE-2023-4214 AppPresser <= 4.2.5 - Insecure Password Reset Mechanism

The AppPresser plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 4.2.5. This is due to the plugin generating too weak a reset code, and the code used to reset the password has no attempt or time limit...

PT-2023-28282 · WordPress · Apppresser

Name of the Vulnerable Software and Affected Versions: AppPresser plugin for WordPress versions up to, and including 4.2.5 Description: The issue allows for unauthorized password resets due to the plugin generating a weak reset code. The code used to reset the password has no attempt or time limi...