Critical severity9.8NVD Advisory· Published Dec 18, 2024· Updated Apr 15, 2026
CVE-2024-12287
CVE-2024-12287
Description
The Biagiotti Membership plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.0.2. This is due to the plugin not properly verifying a user's identity prior to authenticating them. This makes it possible for unauthenticated attackers to log in as other users, such as administrators, granted they have access to an email.
Affected products
1- Range: <=1.0.2
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.