CVE-2021-27200

In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. The code parameter is easily predicted from the time of day. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt