20 matches found
CVE-2025-15100
The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jaypanelajaxupdateprofile' function. This makes it possible for authenticated...
CVE-2025-15027
The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jayloginregisterajaxcreatefinaluser' function. This makes it possible for...
CVE-2025-15100 JAY Login & Register <= 2.6.03 - Authenticated (Subscriber+) Privilege Escalation via jay_panel_ajax_update_profile
The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jaypanelajaxupdateprofile' function. This makes it possible for authenticated...
CVE-2025-15027 JAY Login & Register <= 2.6.03 - Unauthenticated Privilege Escalation via jay_login_register_ajax_create_final_user
The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jayloginregisterajaxcreatefinaluser' function. This makes it possible for...
CVE-2025-15100
The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jaypanelajaxupdateprofile' function. This makes it possible for authenticated...
CVE-2025-15027
The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jayloginregisterajaxcreatefinaluser' function. This makes it possible for...
CVE-2025-15027 JAY Login & Register <= 2.6.03 - Unauthenticated Privilege Escalation via jay_login_register_ajax_create_final_user
The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jayloginregisterajaxcreatefinaluser' function. This makes it possible for...
CVE-2025-15027
The CVE pertains to the JAY Login & Register WordPress plugin, where unauthenticated users can escalate to administrator by exploiting a function that updates arbitrary user meta (jay_login_register_ajax_create_final_user). Affected versions are up to 2.6.03 (and PTSecurity notes versions prior t...
PT-2026-6941
Name of the Vulnerable Software and Affected Versions JAY Login & Register plugin for WordPress versions prior to 2.6.04 Description The JAY Login & Register plugin for WordPress is susceptible to a privilege escalation issue. The plugin allows updating arbitrary user meta through the jay login...
WordPress plugin JAY Login & Register 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The WordPres...
PT-2026-6942
Name of the Vulnerable Software and Affected Versions JAY Login & Register plugin for WordPress versions prior to 2.6.04 Description The JAY Login & Register plugin for WordPress is susceptible to a privilege escalation issue. The plugin permits a user to modify arbitrary user meta data via the j...
Exploit for CVE-2025-14440
CVE-2025-14440 JAY Login & Register = 2.4.01 - Authent...
CVE-2025-14440
The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jayloginregisterprocessswitchback' function with the 'jayloginregisterprocessswitchback' cookie value. This makes...
EUVD-2025-203210
The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jayloginregisterprocessswitchback' function with the 'jayloginregisterprocessswitchback' cookie value. This makes...
CVE-2025-14440
The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jayloginregisterprocessswitchback' function with the 'jayloginregisterprocessswitchback' cookie value. This makes...
CVE-2025-14440
The CVE-2025-14440 issue affects the WordPress JAY Login & Register plugin up to version 2.4.01, where authentication bypass is caused by incorrect checking in the jay_login_register_process_switch_back function using the jay_login_register_process_switch_back cookie. This allows unauthenticated ...
CVE-2025-14440 JAY Login & Register <= 2.4.01 - Authentication Bypass via Cookie
The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jayloginregisterprocessswitchback' function with the 'jayloginregisterprocessswitchback' cookie value. This makes...
CVE-2025-14440 JAY Login & Register <= 2.4.01 - Authentication Bypass via Cookie
The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jayloginregisterprocessswitchback' function with the 'jayloginregisterprocessswitchback' cookie value. This makes...
PT-2025-51072
Name of the Vulnerable Software and Affected Versions JAY Login & Register plugin for WordPress versions prior to 2.4.01 Description The JAY Login & Register plugin for WordPress has a flaw in authentication. Incorrect authentication checking within the jay login register process switch back...
WordPress plugin JAY Login & Register 安全漏洞
...