Lucene search
K

20 matches found

RedhatCVE
RedhatCVE
added 2026/02/09 1:33 a.m.6 views

CVE-2025-15100

The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jaypanelajaxupdateprofile' function. This makes it possible for authenticated...

8.8CVSS5.5AI score0.0031EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/09 1:33 a.m.5 views

CVE-2025-15027

The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jayloginregisterajaxcreatefinaluser' function. This makes it possible for...

9.8CVSS5.5AI score0.00412EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/08 1:22 a.m.31 views

CVE-2025-15100 JAY Login & Register <= 2.6.03 - Authenticated (Subscriber+) Privilege Escalation via jay_panel_ajax_update_profile

The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jaypanelajaxupdateprofile' function. This makes it possible for authenticated...

8.8CVSS0.0031EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/08 1:22 a.m.30 views

CVE-2025-15027 JAY Login & Register <= 2.6.03 - Unauthenticated Privilege Escalation via jay_login_register_ajax_create_final_user

The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jayloginregisterajaxcreatefinaluser' function. This makes it possible for...

9.8CVSS0.00412EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/08 1:22 a.m.3 views

CVE-2025-15100

The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jaypanelajaxupdateprofile' function. This makes it possible for authenticated...

8.8CVSS5.5AI score0.0031EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/08 1:22 a.m.3 views

CVE-2025-15027

The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jayloginregisterajaxcreatefinaluser' function. This makes it possible for...

9.8CVSS5.5AI score0.00412EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/08 1:22 a.m.3 views

CVE-2025-15027 JAY Login & Register <= 2.6.03 - Unauthenticated Privilege Escalation via jay_login_register_ajax_create_final_user

The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jayloginregisterajaxcreatefinaluser' function. This makes it possible for...

9.8CVSS5.7AI score0.00412EPSS
Exploits0References2
CVE
CVE
added 2026/02/08 1:22 a.m.28 views

CVE-2025-15027

The CVE pertains to the JAY Login & Register WordPress plugin, where unauthenticated users can escalate to administrator by exploiting a function that updates arbitrary user meta (jay_login_register_ajax_create_final_user). Affected versions are up to 2.6.03 (and PTSecurity notes versions prior t...

9.8CVSS5.5AI score0.00412EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/08 12:0 a.m.6 views

PT-2026-6941

Name of the Vulnerable Software and Affected Versions JAY Login & Register plugin for WordPress versions prior to 2.6.04 Description The JAY Login & Register plugin for WordPress is susceptible to a privilege escalation issue. The plugin allows updating arbitrary user meta through the jay login...

9.8CVSS5.6AI score0.00412EPSS
Exploits0References12
CNNVD
CNNVD
added 2026/02/08 12:0 a.m.8 views

WordPress plugin JAY Login & Register 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The WordPres...

9.8CVSS5.9AI score0.00412EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/08 12:0 a.m.7 views

PT-2026-6942

Name of the Vulnerable Software and Affected Versions JAY Login & Register plugin for WordPress versions prior to 2.6.04 Description The JAY Login & Register plugin for WordPress is susceptible to a privilege escalation issue. The plugin permits a user to modify arbitrary user meta data via the j...

8.8CVSS5.6AI score0.0031EPSS
Exploits0References10
GithubExploit
GithubExploit
added 2025/12/18 6:51 p.m.168 views

Exploit for CVE-2025-14440

CVE-2025-14440 JAY Login & Register = 2.4.01 - Authent...

9.8CVSS6.9AI score0.00692EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/12/14 5:3 a.m.6 views

CVE-2025-14440

The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jayloginregisterprocessswitchback' function with the 'jayloginregisterprocessswitchback' cookie value. This makes...

9.8CVSS6.3AI score0.00692EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/13 6:30 p.m.6 views

EUVD-2025-203210

The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jayloginregisterprocessswitchback' function with the 'jayloginregisterprocessswitchback' cookie value. This makes...

9.8CVSS5.8AI score0.00692EPSS
Exploits1References3
NVD
NVD
added 2025/12/13 4:16 p.m.4 views

CVE-2025-14440

The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jayloginregisterprocessswitchback' function with the 'jayloginregisterprocessswitchback' cookie value. This makes...

9.8CVSS0.00692EPSS
Exploits1References3
CVE
CVE
added 2025/12/13 4:31 a.m.23 views

CVE-2025-14440

The CVE-2025-14440 issue affects the WordPress JAY Login & Register plugin up to version 2.4.01, where authentication bypass is caused by incorrect checking in the jay_login_register_process_switch_back function using the jay_login_register_process_switch_back cookie. This allows unauthenticated ...

9.8CVSS5.9AI score0.00692EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/12/13 4:31 a.m.29 views

CVE-2025-14440 JAY Login & Register <= 2.4.01 - Authentication Bypass via Cookie

The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jayloginregisterprocessswitchback' function with the 'jayloginregisterprocessswitchback' cookie value. This makes...

9.8CVSS0.00692EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/13 4:31 a.m.4 views

CVE-2025-14440 JAY Login & Register <= 2.4.01 - Authentication Bypass via Cookie

The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jayloginregisterprocessswitchback' function with the 'jayloginregisterprocessswitchback' cookie value. This makes...

9.8CVSS5.9AI score0.00692EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/13 12:0 a.m.7 views

PT-2025-51072

Name of the Vulnerable Software and Affected Versions JAY Login & Register plugin for WordPress versions prior to 2.4.01 Description The JAY Login & Register plugin for WordPress has a flaw in authentication. Incorrect authentication checking within the jay login register process switch back...

9.8CVSS6.8AI score0.00692EPSS
Exploits1References11
CNNVD
CNNVD
added 2025/12/13 12:0 a.m.5 views

WordPress plugin JAY Login & Register 安全漏洞

...

9.8CVSS5.8AI score0.00692EPSS
Exploits1References3
Rows per page
Query Builder