Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
The User Registration & User Profile – Profile Builder WordPress plugin before 3.4.9 has a bug allowing any user to reset the password of the admin of the blog, and gain unauthorised access, due to a bypass in the way the reset key is checked. Furthermore, the admin will not be notified of such change by email for example.
- https://wpscan.com/vulnerability/c142e738-bc4b-4058-a03e-1be6fca47207
- https://github.com/20142995/nuclei-templates
- https://github.com/ARPSyndicate/cve-scores