VYPR

Findall Membership

by WordPress

CVEs (2)

  • CVE-2025-13539CriNov 27, 2025
    risk 0.64cvss 9.8epss 0.00

    The FindAll Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.4. This is due to the plugin not properly logging in a user with the data that was previously verified through the 'findall_membership_check_facebook_user'…

  • CVE-2025-13538CriNov 27, 2025
    risk 0.64cvss 9.8epss 0.00

    The FindAll Listing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.5. This is due to the 'findall_listing_user_registration_additional_params' function not restricting what user roles a user can register with. This makes it…