CVE-2025-60954

Name of the Vulnerable Software and Affected Versions Microweber CMS version 2.0

Description The application does not enforce minimum password length or complexity during password resets. This allows users to set weak passwords, including single-character passwords, potentially leading to account compromise, including administrative accounts.

Recommendations Apply a strong password policy that enforces minimum length and complexity requirements for all user accounts.