User registration \& membership
This hub aggregates every CVE we track for User registration \& membership, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
8
CVEs tracked
0
Critical
4
High
0
In CISA KEV
Severity distribution
HIGH4MEDIUM4
Monthly trend
0
0
0
0
0
0
0
0
1
5
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 8 most recently published vulnerabilities affecting User registration \& membership.
- CVE-2025-39400WordPress User Registration plugin < 4.2.0 - Reflected Cross Site Scripting (XSS) vulnerability7.1
- CVE-2025-2594User Registration & Membership < 4.1.3 - Authentication Bypass8.1
- CVE-2025-2563User Registration & Membership < 4.1.2- Unauthenticated Privilege Escalation8.1
- CVE-2025-3282User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.1.3 - Insecure Direct Object Reference to Unauthenticated Membership Modification5.3
- CVE-2025-3292User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.1.3 - Insecure Direct Object Reference to Authenticated (Subscriber+) User Password Update4.3
- CVE-2025-30899WordPress User Registration plugin <= 4.0.3 - Cross Site Scripting (XSS) vulnerability5.9
- CVE-2023-27459WordPress User Registration plugin <= 2.3.2.1 - Authenticated PHP Object Injection vulnerability7.4
- CVE-2024-1720User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.1.4 - Unauthenticated Stored Self-Based Cross-Site Scripting4.7
Product normalization is registry-driven with AI assist and human review. How it works