[wp-trac] [WordPress Trac] #59571: Summary: No rate limit check on Reset forgot password which can lead to mass mailing and spamming of users and possible employees A little bit about Rate Limit
WordPress Trac
noreply at wordpress.org
Mon Oct 9 12:11:58 UTC 2023
#59571: Summary: No rate limit check on Reset forgot password which can lead to
mass mailing and spamming of users and possible employees A little bit
about Rate Limit
-------------------------+-----------------------------
 Reporter:  princegill   |      Owner:  (none)
     Type:  enhancement  |     Status:  new
 Priority:  normal       |  Milestone:  Awaiting Review
Component:  General      |    Version:
 Severity:  critical     |   Keywords:
  Focuses:  rest-api     |
-------------------------+-----------------------------
Browsers Verified In:
firefox
Steps To Reproduce:
1. Registered account
2. Go to https://a8cteam5105.wordpress.com/reset-password/
3. Enter email, Send Reset Instructions, check mail and reset password
4. Wait 5 to 10 min, open the same link and reset the password again
5. Boom.....✹
ATTACH Of POC VIDEO CLIP
--
Ticket URL: <https://core.trac.wordpress.org/ticket/59571>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform