Vulnerabilities > Ithemes > Ithemes Security

DATE CVE VULNERABILITY TITLE RISK
2021-01-06 CVE-2020-36176 Incorrect Authorization vulnerability in Ithemes Security
The iThemes Security (formerly Better WP Security) plugin before 7.7.0 for WordPress does not enforce a new-password requirement for an existing account until the second login occurs.
network
low complexity
ithemes CWE-863
5.0