WordPress Plugin Google Authenticator-Per User Prompt Timing Attack

WordPress Plugin Google Authenticator-Per User Prompt is prone to a timing attack vulnerability because of an implementation flaw in how the application validates the password for a user account. Exploiting this issue may allow attackers to brute force an application password and gain access to the account. WordPress Plugin Google Authenticator-Per User Prompt version 0.6 is vulnerable prior versions may also be affected.