CVE-2025-2594
HIGH
WordPress Plugin <4.1.3 - Auth Bypass
Title source: llm
Description
The User Registration & Membership WordPress plugin before 4.1.3 does not properly validate data in an AJAX action when the Membership Addon is enabled, allowing attackers to authenticate as any user, including administrators, by simply using the target account's user ID.
Exploits (2)
exploitdb
WORKING POC
by Mohammed Idrees Banyamer · python · webapps · multiple
https://www.exploit-db.com/exploits/52302
Scores
CVSS v3
8.1
EPSS
0.0741
EPSS Percentile
91.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (2)
wpeverest/user_registration_\&_membership
< 4.1.3
wpeverest/user_registration_\&_membership
< 5.1.3
Published
Apr 22, 2025
Tracked Since
Feb 18, 2026