Lucene search
K

8 matches found

Nuclei
Nuclei
added yesterday171 views

User Registration & Membership <= 4.1.1 - Unauthenticated Privilege Escalation

The User Registration & Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 4.1.1. This is due to insufficient restrictions on role type in the 'preparemembersdata' function. This makes it possible for unauthenticated attackers to create newuser...

8.1CVSS7AI score0.44565EPSS
Exploits7References3
GithubExploit
GithubExploit
added 2026/04/18 9:34 a.m.112 views

Exploit for CVE-2025-2563

CVE-2025-2563 The User Registration & Membership WordPress...

8.1CVSS7.3AI score0.44565EPSS
Exploits7
RedhatCVE
RedhatCVE
added 2025/04/16 9:9 a.m.16 views

CVE-2025-2563

The User Registration & Membership WordPress plugin before 4.1.2 does not prevent users to set their account role when the Membership Addon is enabled, leading to a privilege escalation issue and allowing unauthenticated users to gain admin privileges...

8.1CVSS7.3AI score0.44565EPSS
Exploits7References1
Cvelist
Cvelist
added 2025/04/14 6:0 a.m.44 views

CVE-2025-2563 User Registration & Membership < 4.1.2- Unauthenticated Privilege Escalation

The User Registration & Membership WordPress plugin before 4.1.2 does not prevent users to set their account role when the Membership Addon is enabled, leading to a privilege escalation issue and allowing unauthenticated users to gain admin privileges...

0.44565EPSS
Exploits7References1
Packet Storm
Packet Storm
added 2025/04/08 12:0 a.m.261 views

📄 WordPress User Registration and Membership 4.1.1 Privilege Escalation

WordPress User Registration and Membership plugin versions 4.1.1 and below suffer from a privilege escalation vulnerability. Exploit Title: WordPress User Registration & Membership Plugin = 4.1.1 - Unauthenticated Privilege Escalation Exploit Author: Al Baradi Joy Date: 2025-04-07 Vendor Homepage...

8.1CVSS8.7AI score0.44565EPSS
Exploits7
Exploit DB
Exploit DB
added 2025/04/08 12:0 a.m.215 views

WordPress User Registration &amp; Membership Plugin 4.1.1 - Unauthenticated Privilege Escalation

Exploit Title: WordPress User Registration & Membership Plugin = 4.1.1 - Unauthenticated Privilege Escalation Exploit Author: Al Baradi Joy Date: 2025-04-07 Vendor Homepage: https://wordpress.org/plugins/user-registration/ Software Link:...

8.1CVSS7AI score0.44565EPSS
Exploits7
Circl
Circl
added 2025/03/27 4:24 a.m.39 views

CVE-2025-2563

creationtimestamp| type| source ---|---|--- 2025-03-27 04:24:00+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lldhdf3oje2k 2025-03-29 12:05:35+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/26740 2025-03-29 16:00:07+00:00| published-proof-of-concept|...

8.1CVSS7AI score0.44565EPSS
Exploits7References11
VulnCheck KEV
VulnCheck KEV
added 2025/03/25 12:0 a.m.6 views

VulnCheck KEV: CVE-2025-2563

The User Registration & Membership WordPress plugin before 4.1.2 does not prevent users to set their account role when the Membership Addon is enabled, leading to a privilege escalation issue and allowing unauthenticated users to gain admin privileges...

8.1CVSS5.8AI score0.44565EPSS
Exploits7References1
Rows per page
Query Builder