Unpatched WordPress Password Reset Flaw Disclosed
SecurityWeek | May 04, 2017
A researcher has disclosed the details of a WordPress vulnerability that can be exploited by an unauthenticated attacker to reset a targeted user’s password. The flaw was reported to WordPress months ago, but it still has not been patched.