Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
+6 votes
in Plugins by


Our security teams noticed it is possible to takeover an account by brute forcing reset password functionality.

Technically it is possible to do any number of requests (with code) on reset password page.

Are there any plugins or maybe I simply do not know how to configure system properly?


Q2A version: 1.8.6

Please log in or register to answer this question.