CVE-2025-13390
CVE-2025-13390 affects the WordPress plugin WP Directory Kit, versions up to 1.4.4. The flaw is an authentication bypass caused by a weak token generation in the wdk_generate_auto_login_link function, making tokens predictable and allowing unauthenticated attackers to gain administrative access a...