CVE-2025-2563

HIGH EXPLOITED NUCLEI

User Registration & Membership <= 4.1.1 - Unauthenticated Privilege Escalation

Title source: nuclei

Description

The User Registration & Membership WordPress plugin before 4.1.2 does not prevent users from setting their account role when the Membership Addon is enabled, leading to a privilege escalation issue and allowing unauthenticated users to gain admin privileges.

Exploits (5)

nomisec WORKING POC
by dokter69 · remote
https://github.com/dokter69/CVE-2025-2563
nomisec WORKING POC
by Nxploited · remote
https://github.com/Nxploited/CVE-2025-2563
github NO CODE
by 0axz-tools · poc
https://github.com/0axz-tools/CVE-2025-2563-POC
nomisec WRITEUP
by ubaydev · remote
https://github.com/ubaydev/CVE-2025-2563
metasploit WORKING POC EXCELLENT
by wesley (wcraft), Valentin Lobstein · ruby poc php
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/wp_user_registration_membership_escalation.rb

Nuclei Templates (1)

User Registration & Membership <= 4.1.1 - Unauthenticated Privilege Escalation
CRITICAL VERIFIED by iamnoooob, rootxharsh, pdresearch
FOFA: body="/wp-content/plugins/user-registration"

Scores

CVSS v3 8.1
EPSS 0.8758
EPSS Percentile 99.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2025-03-25
Status published
Products (2)
wpeverest/user_registration_\&_membership < 4.1.2
wpeverest/user_registration_\&_membership < 5.1.2
Published Apr 14, 2025
Tracked Since Feb 18, 2026