CVE-2025-4607: 
WordPress vulnerability analysis and mitigation

The PSW Front-end Login & Registration plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 1.12. The vulnerability was disclosed on May 31, 2025, and affects the plugin's customer_registration() function. This security issue has been assigned CVE-2025-4607 and has received a CVSS v3.1 base score of 9.8 (CRITICAL) (NVD).

The vulnerability stems from the use of a weak, low-entropy OTP mechanism in the forget() function. The function generates predictable password reset tokens using PHP's rand() function with a limited range of 4000-9999, making it susceptible to brute force attacks. This implementation is tracked as CWE-330 (Use of Insufficiently Random Values). The vulnerability has received a CVSS v3.1 score of 9.8 CRITICAL with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (NVD, WordPress Source).

The vulnerability allows unauthenticated attackers to initiate password resets for any user account, including administrators. This can lead to complete site takeover by elevating attacker privileges to administrative access. The critical severity rating indicates the potential for full compromise of affected WordPress installations (NVD).

The plugin has been temporarily closed as of May 29, 2025, pending a full security review. Users are advised to disable and remove the plugin until a patched version is released (WordPress Plugin).