Lucene search
RyanWPVDB-ID:7DB191C0-D112-4F08-A419-A1CD81928C4EHistoryApr 29, 2020 - 12:00 a.m.
WordPress < 5.4.1 - Password Reset Tokens Failed to Be Properly Invalidated
2020-04-2900:00:00
Ryan
wpscan.com
187
0.008 Low
EPSS
Percentile
81.7%
When a user requested a password reset link, but did not use it and instead reset their password by logging in, the password reset link would still be usable. This could give an attacker a larger attack window to obtain the password reset link. However, the attacker must first have access to the user’s email account, which if this was the case, the attacker could just request another password reset link anyway. Due to this, this vulnerability is a low risk and is unlikely to be exploited in the wild.
Related
prion
prion
Design/Logic Flaw
2020-04-30 23:15:00
veracode
veracode
Insecure Password Reset Mechanism
2020-05-04 04:16:05
zdt
zdt
nvd
nvd
CVE-2020-11027
2020-04-30 23:15:11
osv
osv
BIT-wordpress-2020-11027
2024-03-06 11:12:11
BIT-wordpress-multisite-2020-11027
2024-03-06 11:12:02
CVE-2020-11027
2020-04-30 23:15:11
ubuntucve
ubuntucve
CVE-2020-11027
2020-04-30 00:00:00
debiancve
debiancve
CVE-2020-11027
2020-04-30 23:15:11
cve
cve
CVE-2020-11027
2020-04-30 23:15:11
cvelist
cvelist
CVE-2020-11027 Password reset links invalidation issue in WordPress
2020-04-30 00:00:00
packetstorm
packetstorm
WordPress Theme Medic 1.0.0 Weak Password Recovery Mechanism
2023-06-20 00:00:00
exploitdb
exploitdb
openvas
openvas
WordPress Multiple Vulnerabilities (May 2020) - Linux
2020-05-05 00:00:00
WordPress Multiple Vulnerabilities (May 2020) - Windows
2020-05-05 00:00:00
Debian: Security Advisory (DLA-2208-1)
2020-05-12 00:00:00
nessus
nessus
Debian DLA-2208-1 : wordpress security update
2020-05-12 00:00:00
Debian DSA-4677-1 : wordpress - security update
2020-05-07 00:00:00
debian
debian
[SECURITY] [DLA 2208-1] wordpress security update
2020-05-11 13:43:12
[SECURITY] [DSA 4677-1] wordpress security update
2020-05-06 06:30:09
[SECURITY] [DSA 4677-1] wordpress security update
2020-05-06 06:30:09