Lucene search
K

9 matches found

Exploit DB
Exploit DB
added 2025/05/25 12:0 a.m.404 views

WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass

!/usr/bin/env python3 Exploit Title: WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass Date: 2025-05-22 Exploit Author: Mohammed Idrees Banyamer Vendor Homepage: https://wordpress.org/plugins/user-registration/ Software Link:...

8.1CVSS7AI score0.0719EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2025/04/26 5:35 a.m.14 views

CVE-2025-2594

The User Registration & Membership WordPress plugin before 4.1.3 does not properly validate data in an AJAX action when the Membership Addon is enabled, allowing attackers to authenticate as any user, including administrators, by simply using the target account's user ID...

8.1CVSS6.8AI score0.0719EPSS
Exploits4References1
NVD
NVD
added 2025/04/22 6:15 a.m.52 views

CVE-2025-2594

The User Registration & Membership WordPress plugin before 4.1.3 does not properly validate data in an AJAX action when the Membership Addon is enabled, allowing attackers to authenticate as any user, including administrators, by simply using the target account's user ID...

8.1CVSS0.0719EPSS
Exploits4References1
OSV
OSV
added 2025/04/22 6:15 a.m.2 views

CVE-2025-2594

The User Registration & Membership WordPress plugin before 4.1.3 does not properly validate data in an AJAX action when the Membership Addon is enabled, allowing attackers to authenticate as any user, including administrators, by simply using the target account's user ID...

8.1CVSS5.8AI score
Exploits0References1
CVE
CVE
added 2025/04/22 6:0 a.m.86 views

CVE-2025-2594

The CVE-2025-2594 affects the WordPress plugin “User Registration & Membership” prior to version 4.1.3. Affected behavior: when the Membership Addon is enabled, data in an AJAX action is not properly validated, enabling an attacker to authenticate as any user (including administrators) by supplyi...

8.1CVSS8.5AI score0.0719EPSS
Exploits4References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/22 6:0 a.m.18 views

CVE-2025-2594 User Registration & Membership < 4.1.3 - Authentication Bypass

The User Registration & Membership WordPress plugin before 4.1.3 does not properly validate data in an AJAX action when the Membership Addon is enabled, allowing attackers to authenticate as any user, including administrators, by simply using the target account's user ID...

8.5AI score0.0719EPSS
Exploits4References1
Circl
Circl
added 2025/04/02 5:0 p.m.29 views

CVE-2025-2594

creationtimestamp| type| source ---|---|--- 2025-04-02 17:00:08+00:00| published-proof-of-concept| Telegram/XWNVTNV35dvmt9z1kuRKrDP-n4wp3QUtmRLqVkoNNpbDXx4 2025-04-22 06:58:01+00:00| seen| https://bsky.app/profile/potato.software/post/3lnf42pfg562f 2025-04-22 07:03:22+00:00| seen|...

8.1CVSS7.3AI score0.0719EPSS
Exploits4References7
Patchstack
Patchstack
added 2025/04/01 6:5 p.m.25 views

WordPress User Registration & Membership Pro plugin < 5.1.3 - Authentication Bypass vulnerability

Authentication Bypass vulnerability discovered by wesley wcraft in WordPress Plugin User Registration & Membership Pro versions 5.1.3...

8.1CVSS8.2AI score0.0719EPSS
Exploits4References1Affected Software1
Patchstack
Patchstack
added 2025/04/01 5:57 p.m.18 views

WordPress User Registration plugin < 4.1.3 - Authentication Bypass vulnerability

Authentication Bypass vulnerability discovered by wesley wcraft in WordPress Plugin User Registration versions 4.1.3...

8.1CVSS8.2AI score0.0719EPSS
Exploits4References1Affected Software1
Rows per page
Query Builder