User registration membership plugin github. User Registration plugin for WordPress.
User registration membership plugin github Dec 11, 2024 · The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4. Choose Membership level from a Select Menu and div below dynamically populates with the correct form for that level. 4 due to insufficient input sanitization and output escaping. Translate “Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin” into your language. 14. Versatile Membership Websites: Use the User Registration & Membership plugin and create a full-fledged membership website. Contribute to wpeverest/user-registration development by creating an account on GitHub. User Registration & Membership is a powerful WordPress registration plugin that allows you to create a streamlined registration process. 4 due to insufficient input sanitization and output escaping on user supplied attributes. 3 due to insufficient input sanitization and output escaping on user supplied attributes. 15 does not sanitise and escape some of its Drag & Drop Builder fields, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). Feb 5, 2024 · The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin 'reg-number-field' shortcode in all versions up to, and including, 4. 5 due to insufficient input sanitization and output escaping on user supplied attributes. 2 does not prevent users to set their account role when the Membership Addon is enabled, leading to a privilege escalation issue and allowing unauthenticated users to gain admin privileges Apr 22, 2025 · The User Registration & Membership WordPress plugin before 4. User Registration plugin for WordPress. . The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's login-password shortcode in all versions up to, and including, 4. The flaw, identified as CVE-2025-2594, carries a CVSS score of 8. Mar 13, 2024 · The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 4. 1 due to insufficient input sanitization and output escaping on user supplied attributes. The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title’ parameter in all versions up to, and including, 4. 15 does not sanitise and escape some of its Membership Plan settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). Feb 28, 2024 · The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name' parameter in all versions up to, and including, 4. Create membership groups and plans with multiple tiers of content access and benefits, then, sell them to your website members for a recurring fee. 4 due to insufficient input sanitization and output escaping on user supplied attributes such as 'type'. A critical security vulnerability has been discovered in the “User Registration & Membership” WordPress plugin, a popular tool for creating membership websites and registration forms. 1, indicating its high severity. Apr 14, 2025 · The User Registration & Membership WordPress plugin before 4. Interested in development? Browse the code , check out the SVN repository , or subscribe to the development log by RSS . 2 due to insufficient input sanitization and output escaping on user supplied attributes. May 27, 2025 · User Registration & Membership is a powerful WordPress registration plugin that allows you to create a streamlined registration process. 1. 20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). 15. 3 does not properly validate data in an AJAX action when the Membership Addon is enabled, allowing attackers to authenticate as any user, including administrators, by simply using the target account's user ID. The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's edit-profile-text-box shortcode in all versions up to, and including, 4. Easily build custom registration forms, manage user data, and more - all without requiring any coding skills. The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4. The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'reg-single-checkbox' shortcode in all versions up to, and including, 4. Sep 30, 2019 · Dynamic Registration form for WordPress Simple Membership Plugin (with Form Builder Addon). The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 4. zpiyhfzadxknilipgyekcldjjmbqnncpbuyuacjqek