Exploit for CVE-2025-2563

CVE-2025-2563 The User Registration & Membership WordPress...

EUVD-2025-12286

Malicious code in bioql PyPI...

CVE-2025-2594

The User Registration & Membership WordPress plugin before 4.1.3 does not properly validate data in an AJAX action when the Membership Addon is enabled, allowing attackers to authenticate as any user, including administrators, by simply using the target account's user ID...

CVE-2025-2594

The User Registration & Membership WordPress plugin before 4.1.3 does not properly validate data in an AJAX action when the Membership Addon is enabled, allowing attackers to authenticate as any user, including administrators, by simply using the target account's user ID...

CVE-2025-2594 User Registration & Membership < 4.1.3 - Authentication Bypass

The User Registration & Membership WordPress plugin before 4.1.3 does not properly validate data in an AJAX action when the Membership Addon is enabled, allowing attackers to authenticate as any user, including administrators, by simply using the target account's user ID...

CVE-2025-2594

The CVE-2025-2594 affects the WordPress plugin “User Registration & Membership” prior to version 4.1.3. Affected behavior: when the Membership Addon is enabled, data in an AJAX action is not properly validated, enabling an attacker to authenticate as any user (including administrators) by supplyi...

WordPress plugin User Registration & Membership 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2025-2563

The User Registration & Membership WordPress plugin before 4.1.2 does not prevent users to set their account role when the Membership Addon is enabled, leading to a privilege escalation issue and allowing unauthenticated users to gain admin privileges...

CVE-2025-2563

CVE-2025-2563 concerns the WordPress plugin User Registration & Membership . Affected versions up to and including 4.1.1 fail to properly restrict the user role during account creation via the Membership Addon, allowing unauthenticated attackers to create accounts with administrator privileges. T...

VulnCheck KEV: CVE-2025-2563

The User Registration & Membership WordPress plugin before 4.1.2 does not prevent users to set their account role when the Membership Addon is enabled, leading to a privilege escalation issue and allowing unauthenticated users to gain admin privileges...

WordPress iThemes Exchange Membership Add-on Cross-Site Scripting Vulnerability

iThemes Exchange for WordPress is a plugin for creating e-commerce websites using the WordPress content management system. membership Add-on is one of the plugins for website membership functionality. A cross-site scripting vulnerability exists in the WordPress iThemes Exchange Membership Add-on...