{"uuid": "29559828-808c-41a1-be28-856ae92f77d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12416", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116804264395356312", "content": "CRITICAL (CVSS 9.8): CVE-2026-12416 impacts pravel Invoice Generator \u22641.0.0. Weak password reset lets unauthenticated attackers reset any user\u2019s password, including admins. Restrict access or disable plugin. https://radar.offseq.com/threat/cve-2026-12416-cwe-640-weak-password-recovery-mech-e09858a3967d35a9 #OffSeq #WordPress #CVE #infosec", "creation_timestamp": "2026-06-24T09:00:33.231658Z"}