User Registration & Membership 漏洞列表

共找到 2 个与 User Registration & Membership 相关的漏洞

📅 加载漏洞趋势中...

CVE-2025-2563: User Registration & Membership <= 4.1.1 - Unauthenticated Privilege Escalation POC

日期: 2025-08-01 | 影响软件: User Registration & Membership

The User Registration & Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 4.1.1. This is due to insufficient restrictions on role type in the 'prepare_members_data()' function. This makes it possible for unauthenticated attackers to create newuser accounts with the 'administrator' role, allowing complete control over the affected WordPress site.
CVE-2025-2563: User Registration & Membership <= 4.1.1 - Unauthenticated Privilege Escalation POC

日期: 2025-08-01 | 影响软件: User Registration & Membership

The User Registration & Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 4.1.1. This is due to insufficient restrictions on role type in the 'prepare_members_data()' function. This makes it possible for unauthenticated attackers to create newuser accounts with the 'administrator' role, allowing complete control over the affected WordPress site.