ГлавнаяУязвимости → CVE-2025-15030
9.8критическая

CVE-2025-15030

Описание

The User Profile Builder WordPress plugin before 3.15.2 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account

CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://wpscan.com/vulnerability/344cb1b1-342e-44b2-ae4a-3bb31be56b22/