EverShop
cpe:2.3:a:evershop:evershop:*:*:*:*:node.js:*:*
- < 2.1.1
A vulnerability exists in EverShop, a TypeScript-first eCommerce platform, in versions prior to 2.1.1. The issue is in the 'Forgot Password' feature: the API response includes the password reset token generated for the submitted email address, so the token reaches whoever made the request rather than only the account owner.
Exploitation allows arbitrary customer account takeover: the token exposed in the API response can be used to reset the account's password and gain unauthorized access to it.
Users are advised to upgrade EverShop to version 2.1.1, which addresses this vulnerability.