VYPR

Registration Forms

by WordPress

CVEs (5)

  • CVE-2024-11293HigDec 4, 2024
    risk 0.53cvss 8.1epss 0.01

    The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Social Sites Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.9. This is due…

  • CVE-2021-24647HigNov 8, 2021
    risk 0.53cvss 8.1epss 0.08

    The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing unauthenticated attacker to login as any user on the site by only knowing…

  • CVE-2022-4024MedDec 19, 2022
    risk 0.42cvss 6.5epss 0.00

    The Registration Forms WordPress plugin before 3.8.1.3 does not have authorisation and CSRF when deleting users via an init action handler, allowing unauthenticated attackers to delete arbitrary users (along with their posts)

  • CVE-2023-0552MedFeb 27, 2023
    risk 0.37cvss 5.4epss 0.24

    The Registration Forms WordPress plugin before 3.8.2.3 does not properly validate the redirection URL when logging in and login out, leading to an Open Redirect vulnerability

  • CVE-2024-13818MedFeb 21, 2025
    risk 0.34cvss 5.3epss 0.00

    The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.4 through publicly exposed…