CVE-2025-2563

Published Apr 14, 2025

Last updated a year ago

CVSS high 8.1
WordPress

Overview

Description
The User Registration & Membership WordPress plugin before 4.1.2 does not prevent users from setting their own account role when the Membership Addon is enabled, leading to a privilege escalation issue that allows unauthenticated users to gain admin privileges.
Source
contact@wpscan.com
NVD status
Analyzed
Products
user_registration_&_membership

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.1
Impact score
5.9
Exploitability score
2.2
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

nvd@nist.gov
NVD-CWE-noinfo

Social media

  1. https://t.co/9T35ezskJq CVE-2025-2563 | 60K #CyberSecurity #Hacking #wordpress #Exploit

    @Nxploited

    18 Feb 2026

  2. 🚨 CVE-2025-2563 🚨 I have developed a Metasploit module to exploit an unauthenticated privilege escalation in the WordPress User Registration & Membership plugin (Free < 4.1.2, Pro < 5.1.2) [+70k installs]. PR: https://t.co/bXHNmhYmZT https://t.co/aWyviLAFt6

    @Chocapikk_

    9 May 2025

  3. CVE-2025-2563 04/14/2025 06:15:16 AM BaseSeverity: HIGH The User Registration & Membership WordPress plugin before 4.1.2 does not prevent users to set their account role when the Membership Addon is enable... https://t.co/QUub3XKaI3

    @CVETracker

    14 Apr 2025

  4. CVE-2025-2563 The User Registration & Membership WordPress plugin before 4.1.2 does not prevent users to set their account role when the Membership Addon is enabled, leading to a pr… https://t.co/VuXqqxXcCr

    @CVEnew

    14 Apr 2025

  5. 🚨 CVE-2025-2563 - critical 🚨 User Registration & Membership <= 4.1.1 - Unauthenticated Privilege Escalation > The User Registration & Membership plugin for WordPress is vulnerable to privilege es... 👾 https://t.co/9YwtRaBIBG @pdnuclei #Nuc...

    @pdnuclei_bot

    7 Apr 2025

  6. 🚨🚨🚨🚨🚨🚨🚨 A critical security flaw has been discovered in the WordPress plugin “User Registration & Membership”, widely used on sites with registration and access-control features. Catalogued as CVE-2025-2563 and with a CVSS score of 9.8, the vulnerability

    @MarcelloBRUS

    29 Mar 2025

  7. Details about the User Registration & Membership <= 4.1.1 - Unauthenticated Privilege Escalation - CVE-2025-2563: https://t.co/swFyg8XC7j #WordPress #PluginSecurity #UpdateNow

    @the_pesc

    29 Mar 2025

  8. WordPress Plugin CVE-2025-2563 Scores 9.8, Threatens Thousands of Membership Sites A critical security vulnerability has been discovered in the “User Registration & Membership” WordPress plugin. https://t.co/DpP9n5DCnt

    @the_yellow_fall

    27 Mar 2025

References

Sources include official advisories and independent security research.