Simple User Registration
by WordPress
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-49604 | Cri | 0.64 | 9.8 | 0.01 | Oct 20, 2024 | Authentication Bypass Using an Alternate Path or Channel vulnerability in N-Media Simple User Registration wp-registration allows Authentication Bypass.This issue affects Simple User Registration: from n/a through <= 6.7. | ||
| CVE-2024-53810 | Cri | 0.59 | 9.1 | 0.00 | Dec 6, 2024 | Missing Authorization vulnerability in N-Media Simple User Registration wp-registration allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Simple User Registration: from n/a through <= 5.5. | ||
| CVE-2025-53428 | Hig | 0.57 | 8.8 | 0.00 | Oct 22, 2025 | Incorrect Privilege Assignment vulnerability in N-Media Simple User Registration wp-registration allows Privilege Escalation.This issue affects Simple User Registration: from n/a through <= 6.8. | ||
| CVE-2025-4334 | Cri | 0.57 | 9.8 | 0.02 | Jun 26, 2025 | The Simple User Registration plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3. This is due to insufficient restrictions on user meta values that can be supplied during registration. This makes it possible for unauthenticated… | ||
| CVE-2025-12160 | Hig | 0.47 | 7.2 | 0.00 | Nov 21, 2025 | The Simple User Registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpr_admin_msg' parameter in all versions up to, and including, 6.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated… |
- risk 0.64cvss 9.8epss 0.01
Authentication Bypass Using an Alternate Path or Channel vulnerability in N-Media Simple User Registration wp-registration allows Authentication Bypass.This issue affects Simple User Registration: from n/a through <= 6.7.
- risk 0.59cvss 9.1epss 0.00
Missing Authorization vulnerability in N-Media Simple User Registration wp-registration allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Simple User Registration: from n/a through <= 5.5.
- risk 0.57cvss 8.8epss 0.00
Incorrect Privilege Assignment vulnerability in N-Media Simple User Registration wp-registration allows Privilege Escalation.This issue affects Simple User Registration: from n/a through <= 6.8.
- risk 0.57cvss 9.8epss 0.02
The Simple User Registration plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3. This is due to insufficient restrictions on user meta values that can be supplied during registration. This makes it possible for unauthenticated…
- risk 0.47cvss 7.2epss 0.00
The Simple User Registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpr_admin_msg' parameter in all versions up to, and including, 6.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated…