CRITICAL🇵🇱 Wersja polska

CVE-2025-4607

CVSS 9.8v3.1pub. 2025-05-31upd. 2026-04-15

The PSW Front-end Login & Registration plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.12 via the customer_registration() function. This is due to the use of a weak, low-entropy OTP mechanism in the forget() function. This makes it possible for unauthenticated attackers to initiate a password reset for any user, including administrators, and elevate their privileges for full site takeover.

🤖 AI Analysis
How it works

The forget() function responsible for password reset generates a one-time OTP code using a low-entropy mechanism (CWE-330), making the code susceptible to guessing or brute-force attacks. An unauthenticated attacker can initiate a password reset procedure for any account, and then — through the customer_registration() function — take control of that account. Successful exploitation of the vulnerability leads to privilege escalation and complete website takeover.

Impact

An attacker without any privileges can take over a WordPress administrator account and gain full control over the website, including access to data, content modification, and the ability to install malicious software.

Mitigation & patch

Update the PSW Front-end Login & Registration plugin to a version higher than 1.12 according to information available in the WordPress repository. Until the update is applied, it is recommended to disable or uninstall the plugin.

Who is affected

PSW Front-end Login & Registration plugin for WordPress in all versions up to and including 1.12.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth BypassLPE
CWE
References