It's not obvious, there doesn't appear to be an obvious fault with your code. However, it it possible that it is caused by the way you are doing it.
Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
cmd.CommandText = "UPDATE Wsr_UserDetails SET Password=@PW,Confirm_Password=@CP,First_Login =1 WHERE UserId=@UI"
cmd.CommandType = CommandType.Text
cmd.Parameters.AddWithValue("@PW", txtnpwd.Text)
cmd.Parameters.AddWithValue("@CP", txtcpwd.Text)
cmd.Parameters.AddWithValue("@UI", UserId)
Try that, and see if your problem goes away as well.