User Registration
wpeverest
Developer
5.1.5
Latest version
60,000
Installations
No date
Last updated
Vulnerability history
0 present
30 patched
14 Mitigation rules
- Missing Authorization to Authenticated (Contributor+) Content Access Rule Manipulation vulnerability<= 5.1.424/03/2026
- Privilege Escalation vulnerability<= 4.4.923/03/2026
- Unauthenticated Privilege Escalation via Membership Registration vulnerability<= 5.1.203/03/2026
- Authentication Bypass vulnerability<= 5.1.226/02/2026
- Insecure Direct Object Reference to Unauthenticated Limited User Deletion vulnerability<= 5.1.225/02/2026
- Broken Access Control vulnerability<= 4.4.621/01/2026
- Cross-Site Request Forgery to Arbitrary Post Deletion vulnerability<= 4.4.809/01/2026
- Arbitrary Shortcode Execution vulnerability<= 4.4.908/01/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability<= 4.4.615/12/2025
- Authenticated (Admin+) SQL Injection vulnerability<= 4.3.005/09/2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via urcr_restrict Shortcode vulnerability<= 4.2.421/07/2025
- Insecure Direct Object Reference to Unauthenticated Limited User Deletion vulnerability<= 4.2.105/05/2025
- Reflected Cross Site Scripting (XSS) vulnerability< 4.2.022/04/2025
- Insecure Direct Object Reference to Unauthenticated Membership Modification vulnerability<= 4.1.311/04/2025
- Insecure Direct Object Reference to Authenticated (Subscriber+) User Password Update vulnerability<= 4.1.311/04/2025
- Authentication Bypass vulnerability< 4.1.301/04/2025
- Cross Site Scripting (XSS) vulnerability<= 4.0.327/03/2025
- Unauthenticated Privilege Escalation vulnerability< 4.1.225/03/2025
- Reflected Cross-Site Scripting vulnerability<= 4.0.428/02/2025
- Missing Authorization to Privilege Escalation vulnerability<= 3.2.0.103/06/2024
- Authenticated (Subscriber+) Privilege Escalation vulnerability<= 3.1.519/04/2024
- Missing Authorization to Unauthenticated Media Deletion vulnerability<= 3.1.516/04/2024
- Unauthenticated Stored Self-Based Cross-Site Scripting vulnerability<= 3.1.407/03/2024
- Admin+ Stored XSS vulnerability< 3.0.4.207/11/2023
- Authenticated Arbitrary File Upload vulnerability<= 3.0.204/07/2023
- Broken Access Control vulnerability<= 2.3.2.106/04/2023
- Authenticated PHP Object Injection vulnerability<= 2.3.2.121/03/2023
- Cross Site Scripting (XSS)<= 2.3.020/01/2023
- Stored Cross-Site Scripting (XSS) vulnerability<= 2.0.106/09/2021
- Reflected Cross-Site Scripting (XSS) vulnerability<= 1.5.514/01/2019