Iulia Cazan Emails Catch All Authentication Bypass Vulnerability in Password Recovery

Vulnerability

An authentication bypass vulnerability has been identified in the Iulia Cazan Emails Catch All WordPress plugin, versions prior to and including 3.5.3. This vulnerability allows exploitation of the password recovery feature, potentially leading to unauthorized access.

Impact

Exploitation of this vulnerability could result in unauthorized access to user accounts through the password recovery mechanism.

Added: Oct 22, 2025, 3:59 PM

Updated: Oct 22, 2025, 10:06 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Iulia Cazan Emails Catch All Authentication Bypass Vulnerability in Password Recovery

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating