cleantalk
Vulnerabilities and Security Researches

AppPresser – Mobile App Framework, CVE-2023-4214

CVE, Research URL

CVE-2023-4214

Home page URL

Security reports for AppPresser – Mobile App Framework

Application

AppPresser – Mobile App Framework

Published on
Nov 18, 2023
Research Description
The AppPresser plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 4.2.5. This is due to the plugin generating too weak a reset code, and the code used to reset the password has no attempt or time limit.
Affected versions
max 4.3.0.
Status
vulnerable
Previous vulnerability researches
AppPresser – Mobile App Framework (CVE-2024-11024) , Nov 27, 2024
AppPresser – Mobile App Framework (CVE-2025-1561) , Mar 14, 2025
AppPresser – Mobile App Framework (CVE-2024-4611) , Jun 07, 2024
AppPresser – Mobile App Framework (CVE-2023-4214) , Jun 07, 2024
AppPresser – Mobile App Framework (CVE-2024-31268) , Jun 07, 2024
New vulnerability
OOPSpam Anti-Spam (CVE-2026-32544) , Mar 31, 2026
NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor (CVE-2026-27042) , Mar 31, 2026
The Conference (CVE-2026-32335) , Mar 31, 2026
WP Booking System – Booking Calendar (CVE-2025-68515) , Mar 31, 2026
UPI QR Code Payment Gateway for WooCommerce (CVE-2025-67969) , Mar 31, 2026