Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-06	CVE-2020-36176	Incorrect Authorization vulnerability in Ithemes Security The iThemes Security (formerly Better WP Security) plugin before 7.7.0 for WordPress does not enforce a new-password requirement for an existing account until the second login occurs. network low complexity ithemes CWE-863	5.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.