Critical severity9.8NVD Advisory· Published Mar 1, 2025· Updated Apr 15, 2026
CVE-2025-1564
CVE-2025-1564
Description
The SetSail Membership plugin for WordPress is vulnerable to in all versions up to, and including, 1.0.3. This is due to the plugin not properly verifying a users identity through the social login. This makes it possible for unauthenticated attackers to log in as any user, including administrators and take over access to their account.
Affected products
2<= 1.0.3+ 1 more
- (no CPE)range: <= 1.0.3
- (no CPE)range: <=1.0.3
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.