WordPress User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder plugin <= 5.1.5 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Media Deletion vulnerability

Authenticated Subscriber+ Insecure Direct Object Reference to Arbitrary Media Deletion vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin User Registration versions = 5.1.5...

WordPress User Registration plugin <= 4.4.9 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by 0xd4rk5id3 in WordPress Plugin User Registration versions = 4.4.9...

PT-2026-22113

The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.2 via the 'register member' function, due to missing validation on the 'member id' user...

CVE-2026-0844

CVE-2026-0844 impacts the WordPress Simple User Registration plugin (

CVE-2022-0232

The User Registration, Login & Landing Pages WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the loadertext parameter found in the /includes/templates/landing-page.php file which allows attackers with administrative user access to inject arbitrary we...

CVE-2025-1511

The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping. This makes...

WordPress User Registration & Membership plugin <= 4.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin User Registration versions = 4.4.6...

EUVD-2021-11867

Malware in sbrugna...

EUVD-2021-11566

Malware in sbrugna...

EUVD-2023-44038

Malicious code in bioql PyPI...

EUVD-2022-43248

Malicious code in bioql PyPI...

EUVD-2024-17454

Malicious code in bioql PyPI...

EUVD-2022-15428

Malicious code in bioql PyPI...

EUVD-2023-12827

Malicious code in bioql PyPI...

EUVD-2025-13565

Malicious code in bioql PyPI...

EUVD-2025-12286

Malicious code in bioql PyPI...

EUVD-2025-11921

Malicious code in bioql PyPI...

EUVD-2023-57556

Malicious code in bioql PyPI...

CVE-2025-6831

The User Registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's urcrrestrict shortcode in all versions up to, and including, 4.2.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-6831

The User Registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's urcrrestrict shortcode in all versions up to, and including, 4.2.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...