Unpatched Wordpress Flaw Could Allow Hackers To Reset Admin Password

WordPress, the most popular CMS in the world, is vulnerable to a logical vulnerability that could allow a remote attacker to reset targeted users’ password under certain circumstances. The vulnerability (CVE-2017-8295) becomes even more dangerous after knowing that it affects all versions of WordPress — including the latest 4.7.4 version. The WordPress flaw was discovered by Polish security

from The Hacker News http://ift.tt/2qETcKD
via IFTTT