Simple User Registration <= 6.3 - Unauthenticated Privilege Escalation

The Simple User Registration plugin ≤ 6.3 is vulnerable to privilege escalation. It lacks proper restrictions on user meta values during registration. Unauthenticated attackers can exploit this to register as administrators. id: CVE-2025-4334 info: name: Simple User Registration = 6.3 -...

WordPress Plugin Simple User Registration Access Control Error Vulnerability

WordPress is a set of blogging platform developed using the PHP language, the platform has the ability to set up a personal blog site on a server based on PHP and MySQL, WordPress plugin is an application plugin. An access control error vulnerability exists in the WordPress plugin Simple User...

CVE-2026-0844

The Simple User Registration plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 6.7 due to insufficient restriction on the 'profilesavefield' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to...

CVE-2026-0844

The Simple User Registration plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 6.7 due to insufficient restriction on the 'profilesavefield' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to...

CVE-2026-0844

The Simple User Registration plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 6.7 due to insufficient restriction on the 'profilesavefield' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to...

PT-2026-5092

The Simple User Registration plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 6.7 due to insufficient restriction on the 'profile save field' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to...

WordPress plugin Simple User Registration 访问控制错误漏洞

WordPress is a set of blogging platform developed using the PHP language, the platform has the ability to set up a personal blog site on a server based on PHP and MySQL, WordPress plugin is an application plugin. An access control error vulnerability exists in the WordPress plugin Simple User...

WordPress Simple User Registration plugin <= 6.3 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by Chuck - None in WordPress Plugin Simple User Registration versions = 6.3...

WordPress Simple User Registration plugin <= 6.6 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Simple User Registration versions = 6.6...

CVE-2025-12160

The Simple User Registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpradminmsg' parameter in all versions up to, and including, 6.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2025-12160 Simple User Registration <= 6.6 - Unauthenticated Stored Cross-Site Scripting

The Simple User Registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpradminmsg' parameter in all versions up to, and including, 6.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

WordPress plugin Simple User Registration 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-47713

Name of the Vulnerable Software and Affected Versions Simple User Registration versions up to and including 6.6 Description The Simple User Registration plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to insufficient input sanitization and output escaping in the wp...

Exploit for Improper Privilege Management in Najeebmedia Simple_User_Registration

PoC exploit for CVE-2025-4334, a Privilege Escalation vulnerabil...

CVE-2025-53428

Incorrect Privilege Assignment vulnerability in N-Media Simple User Registration wp-registration allows Privilege Escalation.This issue affects Simple User Registration: from n/a through = 6.8...

EUVD-2025-35455

Incorrect Privilege Assignment vulnerability in N-Media Simple User Registration wp-registration allows Privilege Escalation.This issue affects Simple User Registration: from n/a through = 6.4...

CVE-2025-53428

Incorrect Privilege Assignment vulnerability in N-Media Simple User Registration wp-registration allows Privilege Escalation.This issue affects Simple User Registration: from n/a through = 6.8...

CVE-2025-53428 WordPress Simple User Registration plugin <= 6.8 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in N-Media Simple User Registration wp-registration allows Privilege Escalation.This issue affects Simple User Registration: from n/a through = 6.8...

CVE-2025-53428

CVE-2025-53428 concerns the WordPress Simple User Registration plugin (wp-registration) with privilege escalation via Incorrect Privilege Assignment. Affected versions are prior to or at 6.4 (per CVE and Red Hat/NVD/CVE lineage); other sources align on the same product. The underlying issue is im...

CVE-2025-53428 WordPress Simple User Registration plugin <= 6.8 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in N-Media Simple User Registration wp-registration allows Privilege Escalation.This issue affects Simple User Registration: from n/a through = 6.8...