Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-16	CVE-2021-24527	Improper Authentication vulnerability in Cozmoslabs Profile Builder The User Registration & User Profile – Profile Builder WordPress plugin before 3.4.9 has a bug allowing any user to reset the password of the admin of the blog, and gain unauthorised access, due to a bypass in the way the reset key is checked. network low complexity cozmoslabs CWE-287 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.