5 matches found
CVE-2025-3609
The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 2.1.2. This is due to the 'realesusersignupform' AJAX action not verifying if user registration is enabled, prior to registering a user. This makes it possible for...
CVE-2025-3609
The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 2.1.2. This is due to the 'realesusersignupform' AJAX action not verifying if user registration is enabled, prior to registering a user. This makes it possible for...
CVE-2025-3609 Reales WP STPT <= 2.1.2 - Unauthorized User Registration
The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 2.1.2. This is due to the 'realesusersignupform' AJAX action not verifying if user registration is enabled, prior to registering a user. This makes it possible for...
CVE-2025-3609 Reales WP STPT <= 2.1.2 - Unauthorized User Registration
The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 2.1.2. This is due to the 'realesusersignupform' AJAX action not verifying if user registration is enabled, prior to registering a user. This makes it possible for...
WordPress Reales WP STPT plugin <= 2.1.2 - Unauthorized User Registration vulnerability
Unauthorized User Registration vulnerability discovered by Foxyyy in WordPress Plugin Reales WP STPT versions = 2.1.2...