Wpeverest User Registration & Membership — known CVE vulnerabilities
Every CVE whose affected-product data names Wpeverest User Registration & Membership, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2025-2594 — CVSS 8.1 (high): The User Registration & Membership WordPress plugin before 4.1.3 does not properly validate data in an AJAX action when the Membership…
CVE-2025-2563 — CVSS 8.1 (high): The User Registration & Membership WordPress plugin before 4.1.2 does not prevent users to set their account role when the Membership Addon…
CVE-2023-27459 — CVSS 7.4 (high): Deserialization of Untrusted Data vulnerability in WPEverest User Registration.This issue affects User Registration: from n/a through…
CVE-2025-39400 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Registration…
CVE-2025-30899 — CVSS 5.9 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Registration…
CVE-2025-3282 — CVSS 5.3 (medium): The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to…
CVE-2024-1720 — CVSS 4.7 (medium): The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to…
CVE-2025-3292 — CVSS 4.3 (medium): The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to…