CVE-2025-1671 Academist Membership <= 1.1.6 - Authentication Bypass via Account Takeover
The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.6. This is due to the academistmembershipcheckfacebookuser function not properly verifying a user's identity prior to authenticating them. This makes it possible for...