CVE-2025-1475

WPCOM Member <= 1.7.5 - Authentication Bypass via 'user_phone'

CVSS 9.8 CRITICALEPSS 0.6%CWE-287

Vexday Risk Score

28Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 9.8EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

07 mar 2025Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

The WPCOM Member plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.5. This is due to insufficient verification on the 'user_phone' parameter when logging in. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if SMS login is enabled.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Produtos afetados

whyun · WPCOM Member

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://plugins.trac.wordpress.org/browser/wpcom-member/tags/1.7.1/includes/form-validation.php#L110 https://plugins.trac.wordpress.org/changeset/3248208/https://www.wordfence.com/threat-intel/vulnerabilities/id/05178bf3-3040-41aa-ba43-779376d30298?source=cve