Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
UserPro Plugin Vulnerability Allows Account Takeover
Malware and Vulnerabilities
May 23, 2024
Infosecurity Magazine
Patchstack discovered the critical flaw in the plugin’s password reset mechanism, specifically within the userpro_process_form function, which allowed unauthenticated users to change the passwords of other users under certain conditions.
Read More
Wordpress Sites
UserPro plugin
Critical Severity Vulnerability
CVE-2024-35700
password reset process
Publisher
Previous
Snowflake's Anvilogic Investment Signals Changes in SIE ...
Companies to Watch
Next
Rockwell Automation Urges Disconnection of ICS from the ...
Govt., Critical Infrastructure