Description

Microweber CMS 2.0 has Weak Password Requirements. The application does not enforce minimum password length or complexity during password resets. Users can set extremely weak passwords, including single-character passwords, which can lead to account compromise, including administrative accounts.

INFO

Published Date :

2025-10-24T00:00:00.000Z

Last Modified :

2025-10-24T20:40:52.388Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-60954 vulnerability.

Vendors Products
Microweber
  • Cms
  • Microweber
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-60954.

URL Resource
https://gist.github.com/progprnv/feae2b76f2db0cb2ac6e14b1bf7d8646 cve-icon cve-icon
https://github.com/microweber/microweber cve-icon cve-icon
https://github.com/progprnv/CVE-Reports/blob/main/CVE-2025-60954 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact