VYPR
Critical severity9.8NVD Advisory· Published Mar 1, 2025· Updated Apr 15, 2026

CVE-2025-1564

CVE-2025-1564

Description

The SetSail Membership plugin for WordPress is vulnerable to in all versions up to, and including, 1.0.3. This is due to the plugin not properly verifying a users identity through the social login. This makes it possible for unauthenticated attackers to log in as any user, including administrators and take over access to their account.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.