CVE-2026-6145— User Registration & Membership <= 5.1.5 - Unauthenticated Missing Authorization to Admin Approval Bypass via 'action' Parameter
Possible ATT&CK Techniques 1AI
T1136.001 · Local AccountAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| wpeverest | User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder | ≤ 5.1.5 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-6145
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
User Registration & Membership <= 5.1.5 - Unauthenticated Missing Authorization to Admin Approval Bypass via 'action' Parameter
Source: NVD (National Vulnerability Database)
Vulnerability Description
The User Registration & Membership plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 5.1.5. This is due to the is_admin_creation_process() method relying solely on the presence of action=createuser in the $_REQUEST superglobal without performing any authentication or capability check. This makes it possible for unauthenticated attackers to bypass the admin approval requirement when registering new accounts via the fallback submission path.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
授权机制缺失
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| wpeverest | User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder | 0 ~ 5.1.5 | - |
II. Public POCs for CVE-2026-6145
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-6145
请登录查看更多情报信息。
IV. Related Vulnerabilities
- CVE-2026-3601
User Registration & Membership <= 5.1.4 - Missing Authorizat - CVE-2026-6203
User Registration & Membership <= 5.1.4 - Unauthenticated Op - CVE-2026-1865
User Registration & Membership <= 5.1.2 - Authenticated (Sub - CVE-2026-4056
User Registration & Membership <= 5.1.4 - Missing Authorizat - CVE-2026-1492
User Registration & Membership <= 5.1.2 - Unauthenticated Pr
Same vendor: wpeverest
- CVE-2026-3601
User Registration & Membership <= 5.1.4 - Missing Authorizat - CVE-2026-4882
User Registration Advanced Fields <= 1.6.20 - Unauthenticate - CVE-2026-42652
WordPress User Registration plugin <= 5.1.5 - Cross Site Scr - CVE-2026-5478
Everest Forms <= 3.4.4 - Unauthenticated Arbitrary File Read - CVE-2026-6203
User Registration & Membership <= 5.1.4 - Unauthenticated Op
Same weakness: CWE-862
- CVE-2026-8681
Essential Chat Support <= 1.0.1 - Missing Authorization to U - CVE-2026-45667
Open WebUI: Unauthenticated endpoint can trigger embedding g - CVE-2026-44571
Open WebUI: Improper Authorization in Standard Channels Allo - CVE-2026-45350
Open WebUI: Chat completion API allows tool restrictions to - CVE-2026-44569
Open WebUI: Insecure Message Access Breaks Authorization
V. Comments for CVE-2026-6145
No comments yet