CVE-2025-10645

The WP Reset plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.05 via the WFLicensing::log method when debugging is enabled default. This makes it possible for unauthenticated attackers to extract sensitive license key and site data...

CVE-2025-10645

The WP Reset plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.05 via the WFLicensing::log method when debugging is enabled default. This makes it possible for unauthenticated attackers to extract sensitive license key and site data...

CVE-2025-10645 WP Reset <= 2.05 - Unauthenticated Sensitive Information Exposure via wf-licensing.log

The WP Reset plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.05 via the WFLicensing::log method when debugging is enabled default. This makes it possible for unauthenticated attackers to extract sensitive license key and site data...

CVE-2025-10645

CVE-2025-10645 affects the WordPress plugin WP Reset, specifically versions up to and including 2.05. The vulnerability allows unauthenticated attackers to trigger sensitive information exposure through the WF_Licensing::log() method when debugging is enabled, potentially leaking license keys and...

EUVD-2021-23485

Malware in sbrugna...

EUVD-2021-11336

Malware in sbrugna...

EUVD-2021-23484

Malware in sbrugna...

WordPress WP Reset plugin <= 2.05 - Unauthenticated Sensitive Information Exposure via wf-licensing.log vulnerability

Unauthenticated Sensitive Information Exposure via wf-licensing.log vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin WP Reset versions = 2.05...

CVE-2023-6799

The WP Reset – Most Advanced WordPress Reset Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0 via the use of insufficiently random snapshot names. This makes it possible for unauthenticated attackers to extract sensitive data...

CVE-2021-24424

The WP Reset – Most Advanced WordPress Reset Tool WordPress plugin before 1.90 did not sanitise or escape its extradata parameter when creating a snapshot via the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue...

CVE-2024-4661

The WP Reset plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveajax function in all versions up to, and including, 2.02. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the val...

CVE-2024-4661

CVE-2024-4661 (WP Reset) – WordPress Plugin . Vulnerability due to missing capability check in the save_ajax function across versions up to 2.02, enabling authenticated users with subscriber-level access and above to modify the value of the “License Key” field under the Activate Pro License setti...

WordPress plugin WP Reset security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress WP Reset plugin <= 2.02 - Missing Authorization to License Key Modification vulnerability

Missing Authorization to License Key Modification vulnerability discovered by Foxyyy in WordPress Plugin WP Reset versions = 2.01...

WP Reset < 2.03 - Missing Authorization to License Key Modification

Description The WP Reset plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveajax function in all versions up to, and including, 2.02. This makes it possible for authenticated attackers, with subscriber-level access and above, to...

CVE-2023-6799

The WP Reset – Most Advanced WordPress Reset Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0 via the use of insufficiently random snapshot names. This makes it possible for unauthenticated attackers to extract sensitive data...

CVE-2023-6799

The WP Reset – Most Advanced WordPress Reset Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0 via the use of insufficiently random snapshot names. This makes it possible for unauthenticated attackers to extract sensitive data...

WP Reset < 2.0 - Sensitive Information Exposure due to Insufficient Randomness

Description The plugin is vulnerable to Sensitive Information Exposure via the use of insufficiently random snapshot names, allowing unauthenticated attackers to extract sensitive data including site backups by brute-forcing the snapshot filenames...

CVE-2024-1501 Database Reset <= 3.22 - Cross-Site Request Forgery to WP Reset Plugin Installation

The Database Reset plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.22. This is due to missing or incorrect nonce validation on the installwpr function. This makes it possible for unauthenticated attackers to install the WP Reset Plugin via ...

Database Reset < 3.23 - Cross-Site Request Forgery to WP Reset Plugin Installation

Description The Database Reset plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.22. This is due to missing or incorrect nonce validation on the installwpr function. This makes it possible for unauthenticated attackers to install the WP Reset...