VYPR
Critical severity9.8NVD Advisory· Published Dec 18, 2024· Updated Apr 15, 2026

CVE-2024-12287

CVE-2024-12287

Description

The Biagiotti Membership plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.0.2. This is due to the plugin not properly verifying a user's identity prior to authenticating them. This makes it possible for unauthenticated attackers to log in as other users, such as administrators, granted they have access to an email.

Affected products

1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.