Security Advisory

CVE-2025-4094

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-21 06:00:09

Last updated 2025-08-27 12:00:33

Assigner WPScan

State PUBLISHED

Description

The DIGITS: WordPress Mobile Number Signup and Login WordPress plugin before 8.4.6.1 does not rate limit OTP validation attempts, making it straightforward for attackers to bruteforce them.

← Browse all CVEs View on cve.org ↗