CVE-2025-1671 | Elated-Themes Academist Membership Plugin up to 1.1.6 on WordPress academist_membership_check_facebook_user authentication bypass

Inserito da Angelo Barbosa | Mar 1, 2025 | CVE

A vulnerability, which was classified as critical, was found in Elated-Themes Academist Membership Plugin up to 1.1.6 on WordPress. Affected is the function academist_membership_check_facebook_user. The manipulation leads to authentication bypass using alternate channel.

This vulnerability is traded as CVE-2025-1671. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-1671 | Elated-Themes Academist Membership Plugin up to 1.1.6 on WordPress academist_membership_check_facebook_user authentication bypass

Post correlati

CVE-2023-48695 | azure-rtos usbx up to 6.2.1 out-of-bounds write (GHSA-mwj9-rpph-v8wc)

CVE-2024-48903 | Trend Micro Deep Security access control (ZDI-24-1419)

CVE-2023-5310 | Silabs Z-Wave SDK up to 7.20.3 Packet unusual condition

CVE-2024-53093 | Linux Kernel up to 6.1.117/6.6.61/6.11.8 nvme-multipath scan_work deadlock