CVE-2025-15030

Gravedad:

Pendiente de análisis

Tipo:

No Disponible / Otro tipo

Fecha de publicación:

02/02/2026

Última modificación:

02/02/2026

Descripción

*** Pendiente de traducción *** The User Profile Builder WordPress plugin before 3.15.2 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account

Impacto

Referencias a soluciones, herramientas e información

https://wpscan.com/vulnerability/344cb1b1-342e-44b2-ae4a-3bb31be56b22/