CVE-2025-60041

Authentication Bypass Using an Alternate Path or Channel vulnerability in Iulia Cazan Emails Catch All emails-catch-all allows Password Recovery Exploitation.This issue affects Emails Catch All: from n/a through <= 3.5.3. More information : https://vdp.patchstack.com/database/Wordpress/Plugin/emails-catch-all/vulnerability/wordpress-emails-catch-all-plugin-3-5-3-broken-authentication-vulnerability