CVE-2025-4607: 
WordPress vulnerability analysis and mitigation

The PSW Front-end Login & Registration plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 1.12. The vulnerability was disclosed on May 31, 2025, and has been assigned CVE-2025-4607. The plugin has been temporarily closed since May 29, 2025, pending a full security review (WordPress Plugin, NVD).

The vulnerability exists in the customer_registration() function and stems from the use of a weak, low-entropy OTP mechanism in the forget() function. The implementation generates predictable password reset tokens using PHP's rand() function with a limited range of 4000-9999, which is tracked as CWE-330 (Use of Insufficiently Random Values). The vulnerability has received a CVSS v3.1 base score of 9.8 CRITICAL with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability allows unauthenticated attackers to initiate password resets for any user account, including administrators. This can lead to complete site takeover through privilege escalation, potentially giving attackers full administrative access to affected WordPress installations (NVD).

The plugin has been temporarily closed pending a full security review. Users are advised to disable and remove the plugin until a patched version is released. No official workarounds have been provided (WordPress Plugin).