Search criteria
8 vulnerabilities found for User Registration & Membership – Custom Registration Form, Login Form, and User Profile by wpeverest
CVE-2025-3281 (GCVE-0-2025-3281)
Vulnerability from cvelistv5 – Published: 2025-05-06 07:24 – Updated: 2025-05-06 13:25
VLAI?
Title
User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.2.1 - Insecure Direct Object Reference to Unauthenticated Limited User Deletion
Summary
The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.1 via the create_stripe_subscription() function, due to missing validation on the 'member_id' user controlled key. This makes it possible for unauthenticated attackers to delete arbitrary user accounts that have registered through the plugin.
Severity ?
5.3 (Medium)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wpeverest | User Registration & Membership – Custom Registration Form, Login Form, and User Profile |
Affected:
* , ≤ 4.2.1
(semver)
|
Credits
wesley
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3281",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-06T13:25:12.947564Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T13:25:25.517Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile",
"vendor": "wpeverest",
"versions": [
{
"lessThanOrEqual": "4.2.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.1 via the create_stripe_subscription() function, due to missing validation on the \u0027member_id\u0027 user controlled key. This makes it possible for unauthenticated attackers to delete arbitrary user accounts that have registered through the plugin."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T07:24:21.668Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/30339ff6-b6bf-4c56-b6cd-db0b8a6ce8b6?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/user-registration/tags/4.1.3/modules/membership/includes/AJAX.php#L619"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3287698/user-registration/trunk/modules/membership/includes/AJAX.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-05T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile \u003c= 4.2.1 - Insecure Direct Object Reference to Unauthenticated Limited User Deletion"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-3281",
"datePublished": "2025-05-06T07:24:21.668Z",
"dateReserved": "2025-04-04T15:15:57.202Z",
"dateUpdated": "2025-05-06T13:25:25.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3282 (GCVE-0-2025-3282)
Vulnerability from cvelistv5 – Published: 2025-04-12 06:37 – Updated: 2025-04-14 16:23
VLAI?
Title
User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.1.3 - Insecure Direct Object Reference to Unauthenticated Membership Modification
Summary
The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.3 via the user_registration_membership_register_member() due to missing validation on the 'membership_id' user controlled key. This makes it possible for unauthenticated attackers to update any user's membership to any other active or non-active membership type.
Severity ?
5.3 (Medium)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wpeverest | User Registration & Membership – Custom Registration Form, Login Form, and User Profile |
Affected:
* , ≤ 4.1.3
(semver)
|
Credits
wesley
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3282",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T16:22:30.285673Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T16:23:01.145Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile",
"vendor": "wpeverest",
"versions": [
{
"lessThanOrEqual": "4.1.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.3 via the user_registration_membership_register_member() due to missing validation on the \u0027membership_id\u0027 user controlled key. This makes it possible for unauthenticated attackers to update any user\u0027s membership to any other active or non-active membership type."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-12T06:37:17.798Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c525b41c-dca5-442a-927e-4583cb303ed1?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3268617/user-registration/trunk/modules/membership/includes/AJAX.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-04-11T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile \u003c= 4.1.3 - Insecure Direct Object Reference to Unauthenticated Membership Modification"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-3282",
"datePublished": "2025-04-12T06:37:17.798Z",
"dateReserved": "2025-04-04T15:25:48.467Z",
"dateUpdated": "2025-04-14T16:23:01.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3292 (GCVE-0-2025-3292)
Vulnerability from cvelistv5 – Published: 2025-04-12 06:37 – Updated: 2025-04-14 16:26
VLAI?
Title
User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.1.3 - Insecure Direct Object Reference to Authenticated (Subscriber+) User Password Update
Summary
The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.3 via the user_registration_update_profile_details() due to missing validation on the 'user_id' user controlled key. This makes it possible for unauthenticated attackers to update other user's passwords, if they have access to the user ID and email.
Severity ?
4.3 (Medium)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wpeverest | User Registration & Membership – Custom Registration Form, Login Form, and User Profile |
Affected:
* , ≤ 4.1.3
(semver)
|
Credits
wesley
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3292",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T16:25:21.064430Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T16:26:16.498Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile",
"vendor": "wpeverest",
"versions": [
{
"lessThanOrEqual": "4.1.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.3 via the user_registration_update_profile_details() due to missing validation on the \u0027user_id\u0027 user controlled key. This makes it possible for unauthenticated attackers to update other user\u0027s passwords, if they have access to the user ID and email."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-12T06:37:16.694Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/59a63cd8-9d33-4a2c-a499-5b1ee38c07d6?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/user-registration/tags/4.1.3/includes/class-ur-ajax.php#L323"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3268617/user-registration/trunk/includes/class-ur-ajax.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-04-11T17:44:06.000+00:00",
"value": "Disclosed"
}
],
"title": "User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile \u003c= 4.1.3 - Insecure Direct Object Reference to Authenticated (Subscriber+) User Password Update"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-3292",
"datePublished": "2025-04-12T06:37:16.694Z",
"dateReserved": "2025-04-04T16:58:34.203Z",
"dateUpdated": "2025-04-14T16:26:16.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1511 (GCVE-0-2025-1511)
Vulnerability from cvelistv5 – Published: 2025-02-28 05:23 – Updated: 2025-02-28 15:07
VLAI?
Title
User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.0.4 - Reflected Cross-Site Scripting
Summary
The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wpeverest | User Registration & Membership – Custom Registration Form, Login Form, and User Profile |
Affected:
* , ≤ 4.0.4
(semver)
|
Credits
Dale Mavers
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1511",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-28T15:06:13.704966Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T15:07:11.850Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile",
"vendor": "wpeverest",
"versions": [
{
"lessThanOrEqual": "4.0.4",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dale Mavers"
}
],
"descriptions": [
{
"lang": "en",
"value": "The User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u0027s\u0027 parameter in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T05:23:14.432Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0e0bee7c-8dce-421c-af16-7e5152797e6c?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/user-registration/tags/4.0.2/modules/membership/includes/Admin/Membership/ListTable.php#L246"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3246826/user-registration/tags/4.1.0/modules/membership/includes/Admin/Membership/ListTable.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-27T16:48:16.000+00:00",
"value": "Disclosed"
}
],
"title": "User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile \u003c= 4.0.4 - Reflected Cross-Site Scripting"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-1511",
"datePublished": "2025-02-28T05:23:14.432Z",
"dateReserved": "2025-02-20T19:19:33.626Z",
"dateUpdated": "2025-02-28T15:07:11.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3281 (GCVE-0-2025-3281)
Vulnerability from nvd – Published: 2025-05-06 07:24 – Updated: 2025-05-06 13:25
VLAI?
Title
User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.2.1 - Insecure Direct Object Reference to Unauthenticated Limited User Deletion
Summary
The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.1 via the create_stripe_subscription() function, due to missing validation on the 'member_id' user controlled key. This makes it possible for unauthenticated attackers to delete arbitrary user accounts that have registered through the plugin.
Severity ?
5.3 (Medium)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wpeverest | User Registration & Membership – Custom Registration Form, Login Form, and User Profile |
Affected:
* , ≤ 4.2.1
(semver)
|
Credits
wesley
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3281",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-06T13:25:12.947564Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T13:25:25.517Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile",
"vendor": "wpeverest",
"versions": [
{
"lessThanOrEqual": "4.2.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.1 via the create_stripe_subscription() function, due to missing validation on the \u0027member_id\u0027 user controlled key. This makes it possible for unauthenticated attackers to delete arbitrary user accounts that have registered through the plugin."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T07:24:21.668Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/30339ff6-b6bf-4c56-b6cd-db0b8a6ce8b6?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/user-registration/tags/4.1.3/modules/membership/includes/AJAX.php#L619"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3287698/user-registration/trunk/modules/membership/includes/AJAX.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-05T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile \u003c= 4.2.1 - Insecure Direct Object Reference to Unauthenticated Limited User Deletion"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-3281",
"datePublished": "2025-05-06T07:24:21.668Z",
"dateReserved": "2025-04-04T15:15:57.202Z",
"dateUpdated": "2025-05-06T13:25:25.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3282 (GCVE-0-2025-3282)
Vulnerability from nvd – Published: 2025-04-12 06:37 – Updated: 2025-04-14 16:23
VLAI?
Title
User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.1.3 - Insecure Direct Object Reference to Unauthenticated Membership Modification
Summary
The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.3 via the user_registration_membership_register_member() due to missing validation on the 'membership_id' user controlled key. This makes it possible for unauthenticated attackers to update any user's membership to any other active or non-active membership type.
Severity ?
5.3 (Medium)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wpeverest | User Registration & Membership – Custom Registration Form, Login Form, and User Profile |
Affected:
* , ≤ 4.1.3
(semver)
|
Credits
wesley
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3282",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T16:22:30.285673Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T16:23:01.145Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile",
"vendor": "wpeverest",
"versions": [
{
"lessThanOrEqual": "4.1.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.3 via the user_registration_membership_register_member() due to missing validation on the \u0027membership_id\u0027 user controlled key. This makes it possible for unauthenticated attackers to update any user\u0027s membership to any other active or non-active membership type."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-12T06:37:17.798Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c525b41c-dca5-442a-927e-4583cb303ed1?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3268617/user-registration/trunk/modules/membership/includes/AJAX.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-04-11T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile \u003c= 4.1.3 - Insecure Direct Object Reference to Unauthenticated Membership Modification"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-3282",
"datePublished": "2025-04-12T06:37:17.798Z",
"dateReserved": "2025-04-04T15:25:48.467Z",
"dateUpdated": "2025-04-14T16:23:01.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3292 (GCVE-0-2025-3292)
Vulnerability from nvd – Published: 2025-04-12 06:37 – Updated: 2025-04-14 16:26
VLAI?
Title
User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.1.3 - Insecure Direct Object Reference to Authenticated (Subscriber+) User Password Update
Summary
The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.3 via the user_registration_update_profile_details() due to missing validation on the 'user_id' user controlled key. This makes it possible for unauthenticated attackers to update other user's passwords, if they have access to the user ID and email.
Severity ?
4.3 (Medium)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wpeverest | User Registration & Membership – Custom Registration Form, Login Form, and User Profile |
Affected:
* , ≤ 4.1.3
(semver)
|
Credits
wesley
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3292",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T16:25:21.064430Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T16:26:16.498Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile",
"vendor": "wpeverest",
"versions": [
{
"lessThanOrEqual": "4.1.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.3 via the user_registration_update_profile_details() due to missing validation on the \u0027user_id\u0027 user controlled key. This makes it possible for unauthenticated attackers to update other user\u0027s passwords, if they have access to the user ID and email."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-12T06:37:16.694Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/59a63cd8-9d33-4a2c-a499-5b1ee38c07d6?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/user-registration/tags/4.1.3/includes/class-ur-ajax.php#L323"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3268617/user-registration/trunk/includes/class-ur-ajax.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-04-11T17:44:06.000+00:00",
"value": "Disclosed"
}
],
"title": "User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile \u003c= 4.1.3 - Insecure Direct Object Reference to Authenticated (Subscriber+) User Password Update"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-3292",
"datePublished": "2025-04-12T06:37:16.694Z",
"dateReserved": "2025-04-04T16:58:34.203Z",
"dateUpdated": "2025-04-14T16:26:16.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1511 (GCVE-0-2025-1511)
Vulnerability from nvd – Published: 2025-02-28 05:23 – Updated: 2025-02-28 15:07
VLAI?
Title
User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.0.4 - Reflected Cross-Site Scripting
Summary
The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wpeverest | User Registration & Membership – Custom Registration Form, Login Form, and User Profile |
Affected:
* , ≤ 4.0.4
(semver)
|
Credits
Dale Mavers
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1511",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-28T15:06:13.704966Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T15:07:11.850Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile",
"vendor": "wpeverest",
"versions": [
{
"lessThanOrEqual": "4.0.4",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dale Mavers"
}
],
"descriptions": [
{
"lang": "en",
"value": "The User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u0027s\u0027 parameter in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T05:23:14.432Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0e0bee7c-8dce-421c-af16-7e5152797e6c?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/user-registration/tags/4.0.2/modules/membership/includes/Admin/Membership/ListTable.php#L246"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3246826/user-registration/tags/4.1.0/modules/membership/includes/Admin/Membership/ListTable.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-27T16:48:16.000+00:00",
"value": "Disclosed"
}
],
"title": "User Registration \u0026 Membership \u2013 Custom Registration Form, Login Form, and User Profile \u003c= 4.0.4 - Reflected Cross-Site Scripting"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-1511",
"datePublished": "2025-02-28T05:23:14.432Z",
"dateReserved": "2025-02-20T19:19:33.626Z",
"dateUpdated": "2025-02-28T15:07:11.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}