Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin 4.3.0

  • Severity: medium-risk
  • Status: Fixed
  • Publication: September 5, 2025

The User Registration & Membership plugin for WordPress has a security issue in version 4.3.0. This is because it does not properly handle certain information provided by users, and also does not properly prepare the database for this information. This means that someone with administrator-level access or higher can add extra code to existing database queries, which could potentially give them access to private information.

Detected in:

User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin fixed vulnerable versions:
User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.