MEDIUM
Andy Moyle
CVE published 2026-06-17
CVE-2024-35648
A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the Emergency Password Reset plugin up to version 8.0. This issue allows attackers to trick users into performing unintended actions on the website. The vulnerability has a CVSS score of 4.3 and is classified as MEDIUM severity. Users of the Emergency Password Reset plugin should take immediate action to protect their sites.