CVSS: 8.1EPSS: %CPEs: 1EXPL: 0CVE-2025-2594 – User Registration & Membership <= 4.1.2 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2025-2594
01 Apr 2025 — The User Registration & Membership plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 4.1.2. This is due to incorrect authentication in the 'confirm_payment()' function. This makes it possible for unauthenticated attackers to log in an existing user on the site, even an administrator. • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30899 – WordPress User Registration plugin <= 4.0.3 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2025-30899
27 Mar 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Registration allows Stored XSS. This issue affects User Registration: from n/a through 4.0.3. The User Registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 4.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrar... • https://patchstack.com/database/wordpress/plugin/user-registration/vulnerability/wordpress-user-registration-plugin-4-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2563 – User Registration & Membership <= 4.1.1 - Unauthenticated Privilege Escalation
https://notcve.org/view.php?id=CVE-2025-2563
24 Mar 2025 — The User Registration & Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 4.1.1. This is due to insufficient restrictions on role type in the 'prepare_members_data()' function. This makes it possible for unauthenticated attackers to create new user accounts with the 'administrator'' role. • https://github.com/ubaydev/CVE-2025-2563 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-1290 – Formidable Registration < 2.12 - Contributor+ Arbitrary User Password Reset To Account Takeover
https://notcve.org/view.php?id=CVE-2024-1290
19 Feb 2024 — The User Registration WordPress plugin before 2.12 does not prevent users with at least the contributor role from rendering sensitive shortcodes, allowing them to generate, and leak, valid password reset URLs, which they can use to take over any accounts. El complemento User Registration de WordPress anterior a 2.12 no impide que los usuarios con al menos el rol de colaborador muestren códigos cortos confidenciales, lo que les permite generar y filtrar URL válidas para restablecer contraseñas, que pueden us... • https://wpscan.com/vulnerability/a60187d4-9491-435a-bc36-8dd348a1ffa3 • CWE-862: Missing Authorization •
CVSS: 4.8EPSS: 2%CPEs: 1EXPL: 1CVE-2023-5228 – User Registration < 3.0.4.2 - Admin+ Stored XSS
https://notcve.org/view.php?id=CVE-2023-5228
16 Oct 2023 — The User Registration WordPress plugin before 3.0.4.2 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). El complemento User Registration de WordPress anterior a 3.0.4.2 no sanitiza ni escapa a algunas de sus configuraciones, lo que podría permitir a usuarios con altos privilegios, como el administrador, realizar ataques ... • https://wpscan.com/vulnerability/50ae7008-46f0-4f89-ae98-65dcabe4ef09 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.9EPSS: 10%CPEs: 1EXPL: 2CVE-2023-3342 – User Registration <= 3.0.2 - Authenticated (Subscriber+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2023-3342
04 Jul 2023 — The User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to a hardcoded encryption key and missing file type validation on the 'ur_upload_profile_pic' function in versions up to, and including, 3.0.2. This makes it possible for authenticated attackers with subscriber-level capabilities or above to upload arbitrary files on the affected site's server which may make remote code execution possible. This was partially patched in version 3.0.2 and fully patched in version 3.0.2.1. E... • https://packetstorm.news/files/id/173434 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.0EPSS: 2%CPEs: 1EXPL: 0CVE-2023-3343 – User Registration <= 3.0.1 - Authenticated (Subscriber+) PHP Object Injection
https://notcve.org/view.php?id=CVE-2023-3343
29 Jun 2023 — The User Registration plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 3.0.1 via deserialization of untrusted input from the 'profile-pic-url' parameter. This allows authenticated attackers, with subscriber-level permissions and above, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve se... • https://plugins.trac.wordpress.org/browser/user-registration/tags/3.0.1/includes/functions-ur-core.php#L3156 • CWE-502: Deserialization of Untrusted Data •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-29429 – WordPress User Registration plugin <= 2.3.2.1 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2023-29429
06 Apr 2023 — Missing Authorization vulnerability in WPEverest User Registration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Registration: from n/a through 2.3.2.1. The User Registration plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the send_test_email function in versions up to, and including, 2.3.2.1. This makes it possible for unauthenticated attackers to send a test email. • https://patchstack.com/database/wordpress/plugin/user-registration/vulnerability/wordpress-user-registration-plugin-2-3-2-1-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27459 – WordPress User Registration plugin <= 2.3.2.1 - Authenticated PHP Object Injection vulnerability
https://notcve.org/view.php?id=CVE-2023-27459
21 Mar 2023 — Deserialization of Untrusted Data vulnerability in WPEverest User Registration.This issue affects User Registration: from n/a through 2.3.2.1. Vulnerabilidad de deserialización de datos no confiables en el registro de usuarios de WPeverest. Este problema afecta el registro de usuarios: desde n/a hasta 2.3.2.1. The User Registration plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.3.2.1 via deserialization of untrusted input in the following functions: ur_get_use... • https://patchstack.com/database/vulnerability/user-registration/wordpress-user-registration-plugin-2-3-2-1-authenticated-php-object-injection-vulnerability?_s_id=cve • CWE-502: Deserialization of Untrusted Data •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23987 – WordPress User Registration Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-23987
20 Jan 2023 — Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPEverest User Registration plugin <= 2.3.0 versions. The User Registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via field settings in versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrative-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses ... • https://patchstack.com/database/vulnerability/user-registration/wordpress-user-registration-custom-registration-form-login-form-and-user-profile-for-wordpress-plugin-2-3-0-cross-site-scripting-xss?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •