CVE-2020-28642

9.8CRITICAL

In InfiniteWP Admin Panel before 3.1.12.3, resetPasswordSendMail generates a weak password-reset code, which makes it easier for remote attackers to conduct admin Account Takeover attacks.

发布于: 11/16/2020更新于: 11/21/2024
在NVD查看在MITRE查看

描述

In InfiniteWP Admin Panel before 3.1.12.3, resetPasswordSendMail generates a weak password-reset code, which makes it easier for remote attackers to conduct admin Account Takeover attacks.

AI分析AI驱动

受影响产品

infinitewpinfinitewp

参考资料