Registration Forms
by WordPress
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-11293 | Hig | 0.53 | 8.1 | 0.01 | Dec 4, 2024 | The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Social Sites Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.9. This is due… | ||
| CVE-2021-24647 | Hig | 0.53 | 8.1 | 0.08 | Nov 8, 2021 | The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing unauthenticated attacker to login as any user on the site by only knowing… | ||
| CVE-2022-4024 | Med | 0.42 | 6.5 | 0.00 | Dec 19, 2022 | The Registration Forms WordPress plugin before 3.8.1.3 does not have authorisation and CSRF when deleting users via an init action handler, allowing unauthenticated attackers to delete arbitrary users (along with their posts) | ||
| CVE-2023-0552 | Med | 0.37 | 5.4 | 0.24 | Feb 27, 2023 | The Registration Forms WordPress plugin before 3.8.2.3 does not properly validate the redirection URL when logging in and login out, leading to an Open Redirect vulnerability | ||
| CVE-2024-13818 | Med | 0.34 | 5.3 | 0.00 | Feb 21, 2025 | The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.4 through publicly exposed… |
- risk 0.53cvss 8.1epss 0.01
The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Social Sites Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.9. This is due…
- risk 0.53cvss 8.1epss 0.08
The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing unauthenticated attacker to login as any user on the site by only knowing…
- risk 0.42cvss 6.5epss 0.00
The Registration Forms WordPress plugin before 3.8.1.3 does not have authorisation and CSRF when deleting users via an init action handler, allowing unauthenticated attackers to delete arbitrary users (along with their posts)
- risk 0.37cvss 5.4epss 0.24
The Registration Forms WordPress plugin before 3.8.2.3 does not properly validate the redirection URL when logging in and login out, leading to an Open Redirect vulnerability
- risk 0.34cvss 5.3epss 0.00
The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.4 through publicly exposed…