CVE-2016-5838

Severity CVSS v4.0:
Pending analysis
Type:
CWE-255 Credentials Management
Publication date:
29/06/2016
Last modified:
12/04/2025

Description

WordPress before 4.5.3 allows remote attackers to bypass intended password-change restrictions by leveraging knowledge of a cookie.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* 4.5.2 (including)