CVE-2025-7695 | Dataverse Integration Plugin up to 2.81 on WordPress REST Endpoint reset_password_link get_password_reset_key authorization

Inserito da Angelo Barbosa | Lug 23, 2025 | CVE

A vulnerability classified as critical was found in Dataverse Integration Plugin up to 2.81 on WordPress. This vulnerability affects the function get_password_reset_key of the file reset_password_link of the component REST Endpoint. The manipulation leads to missing authorization.

This vulnerability was named CVE-2025-7695. The attack can be initiated remotely. There is no exploit available.

CVE-2025-7695 | Dataverse Integration Plugin up to 2.81 on WordPress REST Endpoint reset_password_link get_password_reset_key authorization

Post correlati

CVE-2024-10429 | WAVLINK WN530H4/WN530HG4/WN572HG3 up to 20221028 internet.cgi set_ipv6 IPv6OpMode/IPv6IPAddr/IPv6WANIPAddr/IPv6GWAddr command injection

CVE-2023-7146 | gopeak MasterLab up to 3.3.10 HTTP POST Request Feature.php sqlInjectDelete phone sql injection

CVE-2024-47059 | Mautic up to 5.1.0 observable response discrepancy (GHSA-8vff-35qm-qjvv)

CVE-2024-1861 | Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan Plugin Table Truncation authorization