CVE-2025-1475 | whyun WPCOM Member Plugin up to 1.7.5 on WordPress user_phone improper authentication

Inserito da Angelo Barbosa | Mar 7, 2025 | CVE

A vulnerability classified as critical has been found in whyun WPCOM Member Plugin up to 1.7.5 on WordPress. Affected is an unknown function. The manipulation of the argument user_phone leads to improper authentication.

This vulnerability is traded as CVE-2025-1475. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-1475 | whyun WPCOM Member Plugin up to 1.7.5 on WordPress user_phone improper authentication

Post correlati

CVE-2022-45841 | RoboSoft Robo Gallery Plugin up to 3.2.9 on WordPress authorization

CVE-2024-0298 | Totolink N200RE 9.3.5u.6139_B20201216 /cgi-bin/cstecgi.cgi setDiagnosisCfg ip os command injection

CVE-2024-36537 | cert-manager 1.14.4 permission

CVE-2024-6219 | Canonical LXD up to 5.21.0 PKI Mode certificate validation (GHSA-jpmc-7p9c-4rxf)