Security Advisory

CVE-2025-5305

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-18 06:00:04

Last updated 2025-09-22 17:27:38

Assigner WPScan

State PUBLISHED

Description

The Password Reset with Code for WordPress REST API WordPress plugin before 0.0.17 does not use cryptographically sound algorithms to generate OTP codes, potentially leading to account takeovers.

← Browse all CVEs View on cve.org ↗