CVE-2025-3282 — Authorization Bypass Through User-Controlled Key in User Registration Membership

CWE-639 — Authorization Bypass Through User-Controlled Key3 documents3 sources

Severity

5.3MEDIUMNVD

EPSS

0.2%

top 56.58%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wpeverest User Registration Membership

Timeline

PublishedApr 12

Description

The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.3 via the user_registration_membership_register_member() due to missing validation on the 'membership_id' user controlled key. This makes it possible for unauthenticated attackers to update any user's membership to any other active or non-active membership type.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

▶NVDwpeverest/user_registration_membership< 4.1.4

Patches

Patch: plugins.trac.wordpress.org ↗

🔴Vulnerability Details

CVEList

User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.1.3 - Insecure Direct Object Reference to Unauthenticated Membership Modification↗2025-04-12

▶

GHSA

GHSA-5vm9-7r3m-24r6: The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Obje↗2025-04-12

▶