Title: Potential Security Problem
Last modified: March 25, 2023

---

# Potential Security Problem

 *  [rwassell](https://wordpress.org/support/users/rwassell/)
 * (@rwassell)
 * [3 years, 2 months ago](https://wordpress.org/support/topic/potential-security-problem/)
 * Dear forum,
   I am not sure the best place to report this but I think I have observed/
   encountered a security problem on a WordPress website where a user seems to be
   able to initiate a forgotten password request and then be able to intercept/spoof
   the key to change a users password and then login as that user. I have detailed
   logs/evidence but I don’t want to post the information here in case it that spreads
   knowledge of the issue.I really need to be able to report this to WordPress experts
   to investigate. How can I achieve this?Rob

Viewing 1 replies (of 1 total)

 *  [karolinapan](https://wordpress.org/support/users/karolinapan/)
 * (@karolinapan)
 * [3 years, 2 months ago](https://wordpress.org/support/topic/potential-security-problem/#post-16594573)
 * Hi,
 * You may refer to the following:
 * [https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/](https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/)

Viewing 1 replies (of 1 total)

The topic ‘Potential Security Problem’ is closed to new replies.

 * In: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/)
 * 2 replies
 * 2 participants
 * Last reply from: [karolinapan](https://wordpress.org/support/users/karolinapan/)
 * Last activity: [3 years, 2 months ago](https://wordpress.org/support/topic/potential-security-problem/#post-16594573)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics