PT-2023-25109 · WordPress · Password Reset With Code For Wordpress Rest Api

Jonas Höbenreich

Publicado

2023-12-07

Atualizado

2023-12-12

CVE-2023-35039

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Password Reset with Code for WordPress REST API versions 0.0.0 through 0.0.15

Description The issue is related to an Improper Restriction of Excessive Authentication Attempts vulnerability in the Password Reset with Code for WordPress REST API, allowing Authentication Abuse.

Recommendations For versions 0.0.0 through 0.0.15, update to a version that includes a fix for this issue, as no specific mitigation measures are provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Restriction of Excessive Authentication Attempts

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-307

Identificadores relacionados

CVE-2023-35039

Produtos afetados

Password Reset With Code For Wordpress Rest Api

PT-2023-25109 · WordPress · Password Reset With Code For Wordpress Rest Api

CVE-2023-35039

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7