Lucene search
Veracode Vulnerability DatabaseVERACODE:25153HistoryMay 04, 2020 - 4:16 a.m.
Insecure Password Reset Mechanism
2020-05-0404:16:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
0.008 Low
EPSS
Percentile
81.7%
wordpress uses an insecure password reset mechanism. A user’s password reset link does not become invalidated upon a successful password change. This would allow an attacker to reset the user’s password again if the password reset link was discovered.
Related
prion
prion
Design/Logic Flaw
2020-04-30 23:15:00
zdt
zdt
nvd
nvd
CVE-2020-11027
2020-04-30 23:15:11
osv
osv
BIT-wordpress-2020-11027
2024-03-06 11:12:11
BIT-wordpress-multisite-2020-11027
2024-03-06 11:12:02
CVE-2020-11027
2020-04-30 23:15:11
ubuntucve
ubuntucve
CVE-2020-11027
2020-04-30 00:00:00
debiancve
debiancve
CVE-2020-11027
2020-04-30 23:15:11
wpvulndb
wpvulndb
WordPress < 5.4.1 - Password Reset Tokens Failed to Be Properly Invalidated
2020-04-29 00:00:00
cve
cve
CVE-2020-11027
2020-04-30 23:15:11
cvelist
cvelist
CVE-2020-11027 Password reset links invalidation issue in WordPress
2020-04-30 00:00:00
packetstorm
packetstorm
WordPress Theme Medic 1.0.0 Weak Password Recovery Mechanism
2023-06-20 00:00:00
exploitdb
exploitdb
openvas
openvas
WordPress Multiple Vulnerabilities (May 2020) - Linux
2020-05-05 00:00:00
WordPress Multiple Vulnerabilities (May 2020) - Windows
2020-05-05 00:00:00
Debian: Security Advisory (DLA-2208-1)
2020-05-12 00:00:00
nessus
nessus
Debian DLA-2208-1 : wordpress security update
2020-05-12 00:00:00
Debian DSA-4677-1 : wordpress - security update
2020-05-07 00:00:00
debian
debian
[SECURITY] [DLA 2208-1] wordpress security update
2020-05-11 13:43:12
[SECURITY] [DSA 4677-1] wordpress security update
2020-05-06 06:30:09
[SECURITY] [DSA 4677-1] wordpress security update
2020-05-06 06:30:09