Home

Description

The Ace User Management WordPress plugin through 2.0.3 does not properly validate that a password reset token is associated with the user who requested it, allowing any authenticated users, such as subscriber to reset the password of arbitrary accounts, including administrators.

PUBLISHED Reserved 2025-06-12 | Published 2025-11-05 | Updated 2025-11-05 | Assigner WPScan

Problem types

CWE-287 Improper Authentication

Product status

Default status
affected

Any version
affected

Credits

aschoiloa1890 finder

WPScan coordinator

References

wpscan.com/...rability/06fb8088-10e3-424e-a3ac-4673bac49467/ exploit vdb-entry technical-description

cve.org (CVE-2025-6027)

nvd.nist.gov (CVE-2025-6027)

Download JSON