CVE-2024-1290 — The User Registration WordPress plugin before 2.12 does not prevent users with at least the contributor role from rendering sensitive shortcodes, allowing them to generate, and leak, valid password re — CVE Database · The Intelligence Room