[wp-trac] [WordPress Trac] #43749: Update zxcvbn to 4.4.2
WordPress Trac
noreply at wordpress.org
Tue Oct 7 10:45:45 UTC 2025
#43749: Update zxcvbn to 4.4.2
-----------------------------------------+-----------------------------
Reporter: desrosj | Owner: (none)
Type: enhancement | Status: assigned
Priority: normal | Milestone: Future Release
Component: External Libraries | Version:
Severity: normal | Resolution:
Keywords: needs-testing needs-refresh | Focuses: javascript
-----------------------------------------+-----------------------------
Comment (by La Geek):
[Hackerone closed the ticket]https://de.wordpress.org/support/topic
/zxcvbn-schwachstelle/#post-172170:
>There is no attack vector here. There is no way to exploit it. In order
for it to be a valid issue, you have to show how it can be used to exploit
anything at all. This is a Javascript library used to measure passwords.
It is not used by WordPress itself. It cannot be used to attack other
people, or indeed to attack anything.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/43749#comment:31>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list