High severity8.1NVD Advisory· Published Apr 12, 2018· Updated Jun 17, 2026
CVE-2014-6412
CVE-2014-6412
Description
WordPress before 4.4 makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<4.4+ 1 more
- (no CPE)range: <4.4
- (no CPE)range: <4.4
Patches
Vulnerability mechanics
References
7- packetstormsecurity.com/files/130380/WordPress-Failed-Randomness.htmlnvdThird Party AdvisoryVDB Entry
- seclists.org/fulldisclosure/2015/Feb/42nvdMailing ListThird Party Advisory
- seclists.org/fulldisclosure/2015/Feb/53nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/72589nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1031749nvdThird Party AdvisoryVDB Entry
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- core.trac.wordpress.org/ticket/28633nvdIssue TrackingVendor Advisory
News mentions
0No linked articles in our index yet.