#VU27438 Weak Password Recovery Mechanism for Forgotten Password in WordPress - CVE-2020-11027

 

Published: April 29, 2020 / Updated: October 25, 2024


Vulnerability identifier: #VU27438
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber
CVE-ID: CVE-2020-11027
CWE-ID: CWE-640
Exploitation vector: Remote access
Exploit availability: Public exploit is available
Vulnerable software:
WordPress
Software vendor:
WordPress.ORG

Description

The vulnerability allows a remote attacker to compromise user accounts.

The vulnerability exists because the password reset token is not correctly invalidated. A remote attacker can abuse this behavior to take over another user's account.

Successful exploitation of the vulnerability may allow an attacker to gain full access to the affected website.
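The weakness class named here (CWE-640, a reset token that is not correctly invalidated), as an added example that is not WordPress code or part of this advisory: a flawed token store beside one that hashes, expires and consumes tokens. TOKEN_TTL, the class names and the in-memory store are assumptions for illustration.

```python
import hashlib
import hmac
import secrets
import time

# Added example, not WordPress code: a minimal password-reset token store
# showing the CWE-640 flaw beside the behaviour a defender expects.
TOKEN_TTL = 15 * 60  # seconds a token stays valid (assumed policy)

def _digest(token):
    return hashlib.sha256(token.encode()).hexdigest()

class WeakResetStore:
    """Flawed: the token is neither expired nor consumed."""
    def __init__(self):
        self.tokens = {}  # user -> plaintext token

    def issue(self, user):
        self.tokens[user] = secrets.token_urlsafe(32)
        return self.tokens[user]

    def redeem(self, user, token):
        # The entry survives a successful reset, so a leaked token can be
        # replayed to take the account over again later.
        return self.tokens.get(user) == token

class HardenedResetStore:
    """Single-use, time-limited tokens, stored only as hashes."""
    def __init__(self, now=time.time):
        self.now = now  # injectable clock so expiry can be tested
        self.tokens = {}  # user -> (sha256 hex of token, expiry time)

    def issue(self, user):
        token = secrets.token_urlsafe(32)
        # A fresh request replaces any outstanding token for the user.
        self.tokens[user] = (_digest(token), self.now() + TOKEN_TTL)
        return token

    def invalidate(self, user):
        self.tokens.pop(user, None)  # also call on login / password change

    def redeem(self, user, token):
        entry = self.tokens.get(user)
        if entry is None or self.now() > entry[1]:
            self.invalidate(user)  # expired tokens are dropped, not kept
            return False
        if not hmac.compare_digest(entry[0], _digest(token)):
            return False
        self.invalidate(user)  # consumed by its first successful use
        return True
```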


Remediation

Install updates from the vendor's website.

External links