Security Advisory

CVE-2025-12628

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-24 12:58:37

Last updated 2025-11-24 15:09:10

Assigner WPScan

State PUBLISHED

Description

The WP 2FA WordPress plugin does not generate backup codes with enough entropy, which could allow attackers to bypass the second factor by brute forcing them

← Browse all CVEs View on cve.org ↗