wp-login.php in WordPress prior to 3.7.5, 3.8.x prior to 3.8.5, 3.9.x prior to 3.9.3, and 4.x prior to 4.0.1 might allow remote malicious users to reset passwords by leveraging access to an e-mail account that received a password-reset message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
debian debian linux 7.0 |
||
debian debian linux 8.0 |
||
mageia project mageia 4 |
||
mageia project mageia 3 |
||
wordpress wordpress 3.9.1 |
||
wordpress wordpress 3.9.2 |
||
wordpress wordpress 4.0 |
||
wordpress wordpress 3.8.1 |
||
wordpress wordpress 3.8.3 |
||
wordpress wordpress 3.9 |
||
wordpress wordpress |
||
wordpress wordpress 3.8 |
||
wordpress wordpress 3.8.2 |
||
wordpress wordpress 3.8.4 |