CVE-2024-22646: An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0. This allows an attacker to guess...

Description

An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0. This allows an attacker to guess which emails exist on the system.

Classification

CVE ID: CVE-2024-22646

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.2% (probability of being exploited)

EPSS Percentile: 42.19% (scored less or equal to compared to others)

EPSS Date: 2025-06-05 (when was this score calculated)

Stakeholder-Specific Vulnerability Categorization (SSVC)

SSVC Exploitation: none

SSVC Technical Impact: partial

SSVC Automatable: true

References

https://nvd.nist.gov/vuln/detail/CVE-2024-22646
https://github.com/cassis-sec/CVE/tree/main/2024/CVE-2024-22646

Timeline

2025-06-04 22:40:13 UTC
CVE

An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0. This allows an attacker to guess...