0.001 Low
EPSS
Percentile
51.3%
The plugin does not properly validates a user sent a valid password reset token, enabling attackers to take over other user accounts, like administrators.
www.wordfence.com/blog/2023/06/critical-security-update-directorist-wordpress-plugin-patches-two-high-risk-vulnerabilities/