CVE-2014-6412

CVE Database · CVE-2014-6412

· N/AModified

CVSS v3.1

N/A

EPSS

4.78%

Published

Apr 12, 2018

Modified

Nov 20, 2024

Public PoC / Exploit (1)

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

WordPress before 4.4 makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach.

Weaknesses (CWE)

CWE-640

Affected Products (1)

wordpress · wordpress (up to 4.4.0)vulnerable

References (14)

Third Party AdvisoryVDB Entry

Mailing ListThird Party Advisory

Mailing ListThird Party Advisory

Third Party AdvisoryVDB Entry

Third Party AdvisoryVDB Entry