WordPress Password Reset with Code REST API Plugin Insecure OTP Generation Vulnerability
Vulnerability
A vulnerability exists in the Password Reset with Code for WordPress REST API plugin, affecting versions prior to 0.0.17. The plugin does not use a cryptographically secure method to generate its one-time password (OTP) codes, which could lead to account takeover. The OTP codes are created with PHP's str_shuffle function, which is not a cryptographically secure random source and produces values that can be easily guessed.
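The weakness described above, shown as an added example that is not the plugin's own code: a str_shuffle()-based OTP generator beside one drawn from PHP's CSPRNG, followed by hashed, expiring, single-use verification of the issued code. The function names, the digit-only alphabet and the in-memory store are assumptions made for the illustration.

```php
<?php
declare(strict_types=1);

// Illustrative contrast written for this advisory; it is NOT the plugin's
// own code, and every function name below is hypothetical.

// Weak pattern: str_shuffle() is driven by PHP's Mersenne Twister (the
// mt_rand state), which is not a CSPRNG. A shuffle also never repeats a
// character, so a 6-digit code built this way can only take
// 10*9*8*7*6*5 = 151,200 distinct values instead of 1,000,000.
function weak_otp(int $length = 6): string
{
    return substr(str_shuffle('0123456789'), 0, $length);
}

// Hardened pattern: draw every digit independently from random_int(), which
// is backed by the operating system's CSPRNG; repeats are allowed, so the
// full 10^length keyspace is used. Inside WordPress, wp_rand() is an
// equivalent CSPRNG-backed source.
function secure_otp(int $length = 6): string
{
    $code = '';
    for ($i = 0; $i < $length; $i++) {
        $code .= (string) random_int(0, 9);
    }
    return $code;
}

// Defensive handling of the issued code: store only a hash together with an
// expiry and an attempt counter, and compare with hash_equals() so a wrong
// guess leaks nothing through timing. The store is a plain array here; a
// plugin would keep this in user meta or a transient (assumption).
function issue_otp(array &$store, string $email, int $ttl = 900): string
{
    $code = secure_otp();
    $store[$email] = [
        'hash'     => hash('sha256', $code),
        'expires'  => time() + $ttl,
        'attempts' => 0,
    ];
    return $code; // delivered to the user out of band, e.g. by e-mail
}

function verify_otp(array &$store, string $email, string $candidate, int $maxAttempts = 5): bool
{
    if (!isset($store[$email])) {
        return false;
    }
    $rec = &$store[$email];
    if (time() > $rec['expires'] || $rec['attempts'] >= $maxAttempts) {
        unset($store[$email]); // expired or exhausted: a fresh code is required
        return false;
    }
    $rec['attempts']++;
    $ok = hash_equals($rec['hash'], hash('sha256', $candidate));
    if ($ok) {
        unset($store[$email]); // single use
    }
    return $ok;
}

// Quick check of the keyspace difference: shuffled codes never contain a
// repeated digit, while CSPRNG codes do roughly 85% of the time for 6 digits
// (1 - 151200/1000000).
function has_repeated_digit(string $code): bool
{
    return count(array_unique(str_split($code))) < strlen($code);
}

$weakRepeats = $secureRepeats = 0;
for ($i = 0; $i < 1000; $i++) {
    $weakRepeats   += has_repeated_digit(weak_otp()) ? 1 : 0;
    $secureRepeats += has_repeated_digit(secure_otp()) ? 1 : 0;
}
printf("codes with a repeated digit - str_shuffle: %d/1000, random_int: %d/1000\n",
    $weakRepeats, $secureRepeats);

// Issue and verify a code for a constructed sample address.
$store = [];
$code  = issue_otp($store, 'user@example.com');
var_dump(verify_otp($store, 'user@example.com', '000000'));
var_dump(verify_otp($store, 'user@example.com', $code));
var_dump(verify_otp($store, 'user@example.com', $code));
```

The repeated-digit count makes the structural problem visible without any knowledge of the generator's internal state: a shuffled alphabet shrinks the keyspace before predictability of the Mersenne Twister is even considered. The attempt counter and expiry in verify_otp() are what bound online guessing of a short numeric code regardless of how it was generated, so they belong in any reset-by-code flow alongside the CSPRNG fix.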
Impact
Exploitation of this vulnerability could allow unauthorized users to reset passwords and gain access to user accounts.
Reproduction
To reproduce this vulnerability, send a POST request to the '/wp-json/bdpwr/v1/reset-password' endpoint. Include the target user's email address in the request body. The response will indicate whether the password reset request was successful.
Remediation
Users are advised to update the Password Reset with Code for WordPress REST API plugin to version 0.0.17 or later.