Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
wp-login.php in WordPress 2.8.3 and earlier allows remote attackers to force a password reset for the first user in the database, possibly the administrator, via a key[] array variable in a resetpass (aka rp) action, which bypasses a check that assumes that $key is not an array.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WordPress 'wp-login.php'页面重置管理口令漏洞
Vulnerability Description
WordPress是一款免费的论坛Blog系统。 如果用户遗忘了口令并申请重置,首先要通过/wp-login.php?action=lostpassword表单提交邮件地址或用户名,然后Wordpress会发送类似于以下的确认邮件: " Someone has asked to reset the password for the following site and username. http://DOMAIN_NAME.TLD/wordpress Username: admin To reset y
CVSS Information
N/A
Vulnerability Type
N/A