CVE-2025-60954

Published: Oct 24, 2025

Modified: Oct 24, 2025

PUBLISHED

Description

Microweber CMS 2.0 has Weak Password Requirements. The application does not enforce minimum password length or complexity during password resets. Users can set extremely weak passwords, including single-character passwords, which can lead to account compromise, including administrative accounts.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/microweber/microweber

https://gist.github.com/progprnv/feae2b76f2db0cb2ac6e14b1bf7d8646

https://github.com/progprnv/CVE-Reports/blob/main/CVE-2025-60954

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-60954

Description

Affected Products

References