CVEs classified under CWE-620, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2024-20419 — CVSS 10.0 (critical): A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote…
CVE-2025-1107 — CVSS 9.9 (critical): Unverified password change vulnerability in Janto, versions prior to r12. This could allow an unauthenticated attacker to change another…
CVE-2024-33699 — CVSS 9.9 (critical): The LevelOne WBR-6012 router's web application has a vulnerability in its firmware version R0.40e6, allowing attackers to change the…
CVE-2025-63362 — CVSS 9.8 (critical): Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 allows…
CVE-2025-9286 — CVSS 9.8 (critical): The Appy Pie Connect for WooCommerce plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization within the…
CVE-2025-10159 — CVSS 9.8 (critical): An authentication bypass vulnerability allows remote attackers to gain administrative privileges on Sophos AP6 Series Wireless Access…
CVE-2025-4606 — CVSS 9.8 (critical): The Sala - Startup & SaaS WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up…
CVE-2024-12827 — CVSS 9.8 (critical): The DWT - Directory & Listing WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all…
CVE-2025-4322 — CVSS 9.8 (critical): The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67…
CVE-2025-4558 — CVSS 9.8 (critical): The GPM from WormHole Tech has an Unverified Password Change vulnerability, allowing unauthenticated remote attackers to change any user's…
CVE-2025-2253 — CVSS 9.8 (critical): The IMITHEMES Listing plugin is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.3. This is…
CVE-2025-3603 — CVSS 9.8 (critical): The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including…
CVE-2024-48887 — CVSS 9.8 (critical): A unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin…
CVE-2024-12824 — CVSS 9.8 (critical): The Nokri – Job Board WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up…
CVE-2024-12860 — CVSS 9.8 (critical): The CarSpot – Dealership Wordpress Classified Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all…
CVE-2024-13375 — CVSS 9.8 (critical): The Adifier System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including…
CVE-2024-26520 — CVSS 9.8 (critical): An issue in Hangzhou Xiongwei Technology Development Co., Ltd. Restaurant Digital Comprehensive Management platform v1 allows an attacker…
CVE-2024-37998 — CVSS 9.8 (critical): A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5.40), SICORE Base system (All versions <…
CVE-2023-2449 — CVSS 9.8 (critical): The UserPro plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 5.1.1. This is due to the…
CVE-2023-2297 — CVSS 9.8 (critical): The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to unauthorized password resets in…
CVE-2026-5386 — CVSS 9.1 (critical): The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to…
CVE-2026-30458 — CVSS 9.1 (critical): An issue in Daylight Studio FuelCMS v1.5.2 allows attackers to exfiltrate users' password reset tokens via a mail splitting attack.
CVE-2026-24443 — CVSS 8.8 (high): EventSentry versions prior to 6.0.1.20 contain an unverified password change vulnerability in the account management functionality of the…
CVE-2026-24440 — CVSS 8.8 (high): Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) allow account passwords to be changed through the…
CVE-2025-5482 — CVSS 8.8 (high): The Sunshine Photo Cart: Free Client Photo Galleries for Photographers plugin for WordPress is vulnerable to privilege escalation via…
CVE-2025-3607 — CVSS 8.8 (high): The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions…
CVE-2024-9431 — CVSS 8.8 (high): In version v0.0.14 of transformeroptimus/superagi, there is an improper privilege management vulnerability. After logging into the system…
CVE-2025-14751: A low-privileged user can bypass account credentials without confirming the user's current authentication state, which may lead to…
CVE-2025-67719: Ibexa is a composable end-to-end DXP (Digital Experience Platform). Versions 5.0.0-beta1 through 5.0.3 do not have password validation…
CVE-2024-28143 — CVSS 8.4 (high): The password change function at /cgi/admin.cgi does not require the current/old password, which makes the application vulnerable to account…
CVE-2025-71328 — CVSS 8.3 (high): Flowise before 3.0.10 contains an unverified password change vulnerability. An authenticated user can change their account password through…
CVE-2025-71337 — CVSS 8.3 (high): Flowise before 3.0.10 (affected versions 3.0.7 and earlier) contains an unverified email change vulnerability. An authenticated user can…
CVE-2025-62425 — CVSS 8.3 (high): MAS (Matrix Authentication Service) is a user management and authentication service for Matrix homeservers, written and maintained by…
CVE-2025-61536 — CVSS 8.2 (high): FelixRiddle dev-jobs-handlebars 1.0 uses absolute password-reset (magic) links using the untrusted `req.headers.host` header and forces the…
CVE-2025-22381 — CVSS 8.2 (high): Aggie 2.6.1 has a Host Header injection vulnerability in the forgot password functionality, allowing an attacker to reset a user's password.
CVE-2024-27715 — CVSS 8.2 (high): An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via a crafted…
CVE-2026-42084 — CVSS 8.1 (high): OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions…
CVE-2026-40588 — CVSS 8.1 (high): blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, the password change form at /profile/{slug}/edit/ does not include…
CVE-2025-13148 — CVSS 8.1 (high): IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow could an authenticated user to change the password of another user without prior…
CVE-2024-13373 — CVSS 8.1 (high): The Exertio Framework plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including…
CVE-2023-4214 — CVSS 8.1 (high): The AppPresser plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 4.2.5. This is due to…
CVE-2026-27757 — CVSS 7.1 (high): SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain an authentication vulnerability that allows authenticated users to…
CVE-2025-61132 — CVSS 7.1 (high): A Host Header Injection vulnerability in the password reset component in levlaz braindump v0.4.14 allows remote attackers to conduct…
CVE-2025-59808 — CVSS 6.8 (medium): An unverified password change vulnerability [CWE-620] vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0…
CVE-2024-41796 — CVSS 6.5 (medium): A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices allows to…
CVE-2021-22773 — CVSS 6.5 (medium): A CWE-620: Unverified Password Change vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink…
CVE-2019-25653 — CVSS 6.2 (medium): Navicat for Oracle 12.1.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an…
CVE-2024-21757 — CVSS 6.1 (medium): A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0…