mirror of
https://github.com/0xMarcio/cve.git
synced 2025-12-30 04:49:42 +00:00
667 B
667 B
CVE-2014-6412
Description
WordPress before 4.4 makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach.
POC
Reference
- http://packetstormsecurity.com/files/130380/WordPress-Failed-Randomness.html
- http://seclists.org/fulldisclosure/2015/Feb/42
Github
No PoCs found on GitHub currently.