Full title: WordPress Elementor Lite 5.7.1 Arbitrary Password Reset Vulnerability 
Category: web applications
Platform: php
On May 11 2023, Essential Addons for Elementor, a WordPress plugin with over one million active installations, released a patch for a critical vulnerability that made it possible for any unauthenticated user to reset arbitrary user passwords, including user accounts with administrative-level access. Versions 5.7.1 and below are affected.

# 0day.today @ http://0day.today/