CVE-2025-4607 CRITICAL

CVE-2025-4607: PSW Front-end Login & Registration <= 1.12 - Insufficiently Random Values to Unauthenticated Account Takeover/Privilege Escalation via customer_registration Function

Vendor Empoweringprowebsite
Product PSW Front-end Login & Registration
Weakness CWE-330 · Insufficient randomness
Published May 31, 2025
Last update April 8, 2026

CVSS base score

9.8/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High
Availability High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01 Description

The PSW Front-end Login & Registration plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.12 via the customer_registration() function. This is due to the use of a weak, low-entropy OTP mechanism in the forget() function. This makes it possible for unauthenticated attackers to initiate a password reset for any user, including administrators, and elevate their privileges for full site takeover.
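The description above attributes the account takeover to a weak, low-entropy OTP in the password-reset path. The following is an added illustration, not code from the plugin or from the advisory, of what a reset OTP mechanism needs so that CWE-330 does not apply: a CSPRNG-generated code with enough entropy, a keyed hash at rest, an expiry, a single-use guarantee, and an attempt limit. All parameter values (alphabet, length, TTL, attempt cap) and the `ResetOtpStore` API are constructed for this example.

```python
import hashlib
import hmac
import math
import secrets
from dataclasses import dataclass, field
from typing import Optional

# Constructed example parameters (not the plugin's values).
OTP_ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"  # 32 symbols, ambiguous ones dropped
OTP_LENGTH = 8            # 8 * log2(32) = 40 bits of entropy per code
OTP_TTL_SECONDS = 600     # code is void after ten minutes
MAX_ATTEMPTS = 5          # bounded guessing per issued code


def otp_entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a uniformly random code; a short numeric code is only ~13 bits."""
    return length * math.log2(alphabet_size)


@dataclass
class PendingReset:
    code_hash: bytes
    expires_at: float
    attempts: int = 0


@dataclass
class ResetOtpStore:
    """Server-side state for password-reset OTPs, keyed by user id."""
    secret_key: bytes
    pending: dict = field(default_factory=dict)

    def _hash(self, user_id: str, code: str) -> bytes:
        # Keyed hash: a leaked table cannot be reversed into live codes.
        msg = f"{user_id}:{code}".encode()
        return hmac.new(self.secret_key, msg, hashlib.sha256).digest()

    def issue(self, user_id: str, now: float) -> str:
        """Generate a fresh code with the CSPRNG; only its hash is stored."""
        code = "".join(secrets.choice(OTP_ALPHABET) for _ in range(OTP_LENGTH))
        self.pending[user_id] = PendingReset(
            code_hash=self._hash(user_id, code),
            expires_at=now + OTP_TTL_SECONDS,
        )
        return code  # deliver out of band (e-mail); never echo it to the requester

    def verify(self, user_id: str, code: str, now: float) -> bool:
        """Constant-time check with expiry, attempt cap and single use."""
        entry: Optional[PendingReset] = self.pending.get(user_id)
        if entry is None:
            return False
        if now > entry.expires_at:
            del self.pending[user_id]
            return False
        entry.attempts += 1
        if entry.attempts > MAX_ATTEMPTS:
            # Too many guesses: discard the code so the user must request a new one.
            del self.pending[user_id]
            return False
        ok = hmac.compare_digest(entry.code_hash, self._hash(user_id, code))
        if ok:
            del self.pending[user_id]  # a code that has been accepted is consumed
        return ok
```

The attempt cap and expiry are what make the entropy figure meaningful: without them, even a 40-bit code is only as strong as the rate the endpoint allows, and with them, a short code from a non-cryptographic generator remains guessable regardless of how the check is written. The `now` parameter is explicit so the behaviour is testable without a clock.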

Explanation of Vulnerability in Simple Terms

02 Summary

PSW Front-end Login & Registration versions 1.12 and earlier contain a use of insufficiently random values (CWE-330) that allows attackers to compromise user accounts and site data. The vulnerability requires no authentication or user interaction and can be exploited over the network. An attacker can read sensitive information, modify site content, or disrupt service availability.

What an attacker can do

03 Attacker Capabilities

Read user data, modify site content, or disrupt the site without needing to log in.

Potential impact on your site

04 Site Impact

User accounts and site data are at risk; attackers can access or modify content without credentials.

Conditions required to exploit

05 Prerequisites

Network access only; no authentication or user interaction required.

Key dates

06 Disclosure timeline

May 31, 2025 CVE published
April 8, 2026 Record updated