CVE-2025-4094 – “Acunetix DIGITS WordPress OTP Brute Force Vulnerability”

May 22, 2025

CVE ID : CVE-2025-4094

Published : May 21, 2025, 6:16 a.m. | 20 hours, 43 minutes ago

Description : The DIGITS: WordPress Mobile Number Signup and Login WordPress plugin before 8.4.6.1 does not rate limit OTP validation attempts, making it straightforward for attackers to bruteforce them.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-34025 – Versa Concerto Privilege Escalation and Container Escape Vulnerability

Next Article Building a GitOps Workflow with Kubernetes and ArgoCD

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

I found the ultimate MacBook Air alternative for Windows users – and it’s priced well

Outdated IT help desks are holding businesses back – but there is a solution

Android’s latest update can force apps into dark mode – how to see it now

I tried the Google Pixel Watch 4 – and these key features made it feel indispensable

Building Cross-Platform Alerts with Laravel’s Notification Framework

Building Cross-Platform Alerts with Laravel’s Notification Framework

Add Notes Functionality to Eloquent Models With the Notable Package

How to install OpenPlatform — IoT platform

Basics of Digital Forensics

Basics of Digital Forensics

Top Linux Server Automation Tools: Simplifying System Administration

Rising from the Ashes: How AlmaLinux and Rocky Linux Redefined the Post-CentOS Landscape

CVE-2025-4094 – “Acunetix DIGITS WordPress OTP Brute Force Vulnerability”

“What happens online stays online” and other cyberbullying myths, debunked

The need for speed: Why organizations are turning to rapid, trustworthy MDR

CVE-2025-47938 – TYPO3 Password Change Without Verification

CVE-2025-49578 – Citizen is a MediaWiki skin that makes extensions

Added to Xbox This Week: College Football, Tony Hawk, Missile Command & More

CVE-2024-13914 – “WordPress File Manager Advanced Shortcode Local File Inclusion Vulnerability”

bookmarkmenu offers bookmark storage using the menu back end

Create a unit testing framework for PostgreSQL using the pgTAP extension

CISA Warns of Critical Flaws in Emerson ValveLink Software: Exploits Could Lead to Code Execution and Data Exposure

Windows XP returns from Microsoft’s graveyard in a nostalgic browser reboot — but don’t expect Internet Explorer to work

CVE-2025-4094 – “Acunetix DIGITS WordPress OTP Brute Force Vulnerability”

Related Posts