CVE-2026-3601 | wpeverest User Registration & Membership Plugin up to 5.1.4 on WordPress Shortcode embed_form_action authorization

Inserito da Angelo Barbosa | Mag 5, 2026 | CVE

A vulnerability was found in wpeverest User Registration & Membership Plugin up to 5.1.4 on WordPress. It has been classified as critical. This affects the function embed_form_action of the component Shortcode Handler. The manipulation leads to missing authorization.

This vulnerability is documented as CVE-2026-3601. The attack can be initiated remotely. There is not any exploit available.

CVE-2026-3601 | wpeverest User Registration & Membership Plugin up to 5.1.4 on WordPress Shortcode embed_form_action authorization

Post correlati

CVE-2024-43491 | Microsoft Windows 10 Update use after free

CVE-2026-4187 | Tiandy Easy7 Integrated Management Platform 7.17.0 Device Identifier UpdateLocalDevInfo.jsp username/password missing authentication

CVE-2024-51485 | Ampache up to 7.0.0 Request cross-site request forgery

CVE-2024-35735 | CodePeople WP Time Slots Booking Form Plugin up to 1.2.11 on WordPress authorization