Unpatched WordPress Flaw Could Allow Hackers To Reset Admin Password

By [email protected] (Mohit Kumar) WordPress, the most popular CMS in the world, is vulnerable to a logical vulnerability that could allow a remote attacker to reset targeted users’ password under certain circumstances.

The vulnerability (CVE-2017-8295) becomes even more dangerous after knowing that it affects all versions of WordPress — including the latest 4.7.4 version.

The WordPress flaw was discovered by Polish security

Via:: Unpatched WordPress Flaw Could Allow Hackers To Reset Admin Password