WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation

Exploit Title: WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation Google Dork: inurl:/wp-content/plugins/frontend-login-and-registration-blocks/ Date: 2025-05-12 Exploit Author: Md Shoriful Islam RootHarpy Vendor Homepage:...

CVE-2025-3605 Frontend Login and Registration Blocks <= 1.1.1 - Unauthenticated Privilege Escalation via Account Takeover

The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.1. This is due to the plugin not properly validating a user's identity prior to updating their details like email via the...

PT-2025-20486 · WordPress · Frontend Login/Registration Blocks

Name of the Vulnerable Software and Affected Versions: Frontend Login and Registration Blocks plugin for WordPress versions 1.0.0 through 1.0.7 Description: The issue is related to privilege escalation via account takeover. This occurs because the plugin does not properly validate a user's identi...

WordPress Frontend Login and Registration Blocks plugin <= 1.0.7 - Authenticated (Subscriber+) Privilege Escalation via Password Reset vulnerability

Authenticated Subscriber+ Privilege Escalation via Password Reset vulnerability discovered by kr0d in WordPress Plugin Frontend Login and Registration Blocks versions = 1.0.8...