5 matches found
CVE-2024-0701
The UserPro plugin for WordPress is vulnerable to Security Feature Bypass in all versions up to, and including, 5.1.6. This is due to the use of client-side restrictions to enforce the 'Disabled registration' Membership feature within the plugin's General settings. This makes it possible for...
CVE-2024-0701
The UserPro plugin for WordPress is vulnerable to Security Feature Bypass in all versions up to, and including, 5.1.6. This is due to the use of client-side restrictions to enforce the 'Disabled registration' Membership feature within the plugin's General settings. This makes it possible for...
CVE-2024-0701 UserPro <= 5.1.6 - Disabled Membership Registration Bypass
The UserPro plugin for WordPress is vulnerable to Security Feature Bypass in all versions up to, and including, 5.1.6. This is due to the use of client-side restrictions to enforce the 'Disabled registration' Membership feature within the plugin's General settings. This makes it possible for...
CVE-2024-0701
CVE-2024-0701 concerns the WordPress UserPro plugin. The vulnerability is described as a Security Feature Bypass caused by relying on client-side restrictions to enforce the Disable Registration setting, enabling unauthenticated attackers to create accounts even when registration is disabled. Dat...
WordPress Userpro Plugin <= 5.1.6 is vulnerable to Bypass Vulnerability
Software Userpro Type Plugin Vulnerable versions = 5.1.6 Fixed in 5.1.7 OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2024-0701 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 07d9348c166e Credits Rob Stevens Required privilege Unauthenticate...