Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:31 a.m.7 views

CVE-2024-0701

The UserPro plugin for WordPress is vulnerable to Security Feature Bypass in all versions up to, and including, 5.1.6. This is due to the use of client-side restrictions to enforce the 'Disabled registration' Membership feature within the plugin's General settings. This makes it possible for...

5.3CVSS6.8AI score0.0058EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/05 9:22 p.m.13 views

CVE-2024-0701

The UserPro plugin for WordPress is vulnerable to Security Feature Bypass in all versions up to, and including, 5.1.6. This is due to the use of client-side restrictions to enforce the 'Disabled registration' Membership feature within the plugin's General settings. This makes it possible for...

5.3CVSS6.8AI score0.0058EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/05 9:22 p.m.28 views

CVE-2024-0701 UserPro <= 5.1.6 - Disabled Membership Registration Bypass

The UserPro plugin for WordPress is vulnerable to Security Feature Bypass in all versions up to, and including, 5.1.6. This is due to the use of client-side restrictions to enforce the 'Disabled registration' Membership feature within the plugin's General settings. This makes it possible for...

5.3CVSS5.5AI score0.0058EPSS
Exploits0References2
CVE
CVE
added 2024/02/05 9:22 p.m.52 views

CVE-2024-0701

CVE-2024-0701 concerns the WordPress UserPro plugin. The vulnerability is described as a Security Feature Bypass caused by relying on client-side restrictions to enforce the Disable Registration setting, enabling unauthenticated attackers to create accounts even when registration is disabled. Dat...

5.3CVSS6.2AI score0.0058EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/02/02 12:0 a.m.14 views

WordPress Userpro Plugin <= 5.1.6 is vulnerable to Bypass Vulnerability

Software Userpro Type Plugin Vulnerable versions = 5.1.6 Fixed in 5.1.7 OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2024-0701 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 07d9348c166e Credits Rob Stevens Required privilege Unauthenticate...

5.3CVSS6.5AI score0.0058EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder