Primary

Context

Gilblas Ngunte Possi PSW Front-end Login & Registration Weak Password Recovery Vulnerability

Vulnerability

A vulnerability exists in the Gilblas Ngunte Possi PSW Front-end Login & Registration plugin, specifically in versions through 1.13, allowing exploitation of the password recovery mechanism. This weak recovery process could be manipulated to gain unauthorized access to user accounts.

Impact

Exploitation of this vulnerability could lead to unauthorized account access, allowing attackers to perform actions reserved for higher-privileged users, potentially including administrative tasks.

Remediation

Users of the Gilblas Ngunte Possi PSW Front-end Login & Registration plugin are advised to update to the latest version. For those unable to update immediately, Patchstack offers a virtual patch that can be applied to mitigate this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Gilblas Ngunte Possi PSW Front-end Login & Registration Weak Password Recovery Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating