ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Profile Builder Plugin <= 1.1.59 - BYPASS

Product
Profile Builder
Description
Because of this vulnerability, an attacker may exploit this issue to reset account passwords for arbitrary users which may aid in further attacks.
Solution
Update the plugin.
Classification
Type BYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
References
Security Focus
CVE
Name CVE-N/A
Versions
Affected In <= 1.1.59
Fixed In 1.1.60
Disclosure date
2014-08-01