CVE-2025-13493

HIGH

Latest Registered Users <= 1.4 - Unauthenticated User Data Export via CSV Action Parameter

Title source: llm

Description

The Latest Registered Users plugin for WordPress is vulnerable to unauthorized user data export in all versions up to, and including, 1.4. This is due to missing authorization and nonce validation in the rnd_handle_form_submit function hooked to both admin_post_my_simple_form and admin_post_nopriv_my_simple_form actions. This makes it possible for unauthenticated attackers to export complete user details (excluding passwords and sensitive tokens) in CSV format via the 'action' parameter.

References (4)

Core 4

Core References

Product

https://plugins.trac.wordpress.org/browser/latest-registered-users/tags/1.4/latest-registered-users.php#L246

Product

https://plugins.trac.wordpress.org/browser/latest-registered-users/trunk/latest-registered-users.php#L246

Product

https://plugins.trac.wordpress.org/browser/latest-registered-users/trunk/latest-registered-users.php#L66

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/e6139543-81e3-480a-93a4-1d87b3f3f51e?source=cve

Scores

CVSS v3 7.5

EPSS 0.0028

EPSS Percentile 20.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-862

Status published

Products (1)

webrndexperts/Latest Registered Users < 1.4

Published Jan 07, 2026

Tracked Since Feb 18, 2026