High severity8.1NVD Advisory· Published Nov 18, 2023· Updated Apr 8, 2026
CVE-2023-4214
CVE-2023-4214
Description
The AppPresser plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 4.2.5. This is due to the plugin generating too weak a reset code, and the code used to reset the password has no attempt or time limit.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=4.2.5
Patches
Vulnerability mechanics
References
4- plugins.trac.wordpress.org/changeset/2997160/apppressernvdPatch
- www.wordfence.com/threat-intel/vulnerabilities/id/4c44c36a-c4c7-49c2-b750-1589e7840ddenvdThird Party Advisory
- plugins.trac.wordpress.org/browser/apppresser/trunk/inc/AppPresser_API_Limit.phpnvdProduct
- plugins.trac.wordpress.org/browser/apppresser/trunk/inc/AppPresser_WPAPI_Mods.phpnvdProduct
News mentions
0No linked articles in our index yet.