Security Advisory

CVE-2014-9039

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-11-25 23:00:00

Last updated 2024-08-06 13:33:13

Assigner mitre

State PUBLISHED

Description

wp-login.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to reset passwords by leveraging access to an e-mail account that received a password-reset message.

← Browse all CVEs View on cve.org ↗