Skip to main content
CVE-2020-7048 CRITICAL POC THREAT Act Now

The WordPress plugin, WP Database Reset through 3.1, contains a flaw that allowed any unauthenticated user to reset any table in the database to the initial WordPress set-up state (deleting all site. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass PHP Wp Database Reset
NVD
CVSS 3.1
9.1
EPSS
22.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy