WP User Registration and Membership Unauthenticated Privilege Escalation (CVE-2025-2563)
Exploits CVE-2025-2563 in the WordPress User Registration & Membership plugin. 1 Registers a free-membership user via AJAX. 2 Elevates that user to administrator via the membership AJAX action. 3 Logs in, uploads & executes a PHP payload. Module Options msf use...