{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-3284", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-04-04T15:33:23.745Z", "datePublished": "2025-04-19T02:22:33.079Z", "dateUpdated": "2026-04-08T16:49:44.307Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:49:44.307Z"}, "affected": [{"vendor": "WPEverest", "product": "User Registration PRO \u2013 Custom Registration Form, Login Form, and User Profile WordPress Plugin", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.1.3", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The User Registration & Membership \u2013 Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.1.3. This is due to missing or incorrect nonce validation on the user_registration_pro_delete_account() function. This makes it possible for unauthenticated attackers to force delete users, including administrators, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "title": "User Registration & Membership PRO \u2013 Custom Registration Form, Login Form, and User Profile <= 5.1.3 - Cross-Site Request Forgery to User Deletion", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4616b609-e8dc-4004-a5b7-2de3e83719be?source=cve"}, {"url": "https://wpuserregistration.com/changelog/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "cweId": "CWE-352", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "wesley"}], "timeline": [{"time": "2025-04-18T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-21T14:15:43.867400Z", "id": "CVE-2025-3284", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-21T14:16:11.881Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-3284", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-21T14:15:43.867400Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-21T14:16:06.564Z"}}], "cna": {"title": "User Registration & Membership PRO \u2013 Custom Registration Form, Login Form, and User Profile <= 5.1.3 - Cross-Site Request Forgery to User Deletion", "credits": [{"lang": "en", "type": "finder", "value": "wesley"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "WPEverest", "product": "User Registration PRO \u2013 Custom Registration Form, Login Form, and User Profile WordPress Plugin", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "5.1.3"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-04-18T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4616b609-e8dc-4004-a5b7-2de3e83719be?source=cve"}, {"url": "https://wpuserregistration.com/changelog/"}], "descriptions": [{"lang": "en", "value": "The User Registration & Membership \u2013 Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.1.3. This is due to missing or incorrect nonce validation on the user_registration_pro_delete_account() function. This makes it possible for unauthenticated attackers to force delete users, including administrators, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:49:44.307Z"}}}, "cveMetadata": {"cveId": "CVE-2025-3284", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:49:44.307Z", "dateReserved": "2025-04-04T15:33:23.745Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-04-19T02:22:33.079Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The User Registration & Membership \u2013 Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.1.3. This is due to missing or incorrect nonce validation on the user_registration_pro_delete_account() function. This makes it possible for unauthenticated attackers to force delete users, including administrators, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}, {"lang": "es", "value": "El complemento User Registration &amp; Membership \u2013 Custom Registration Form, Login Form, and User Profile para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 5.1.3 incluida. Esto se debe a la falta o a una validaci\u00f3n de nonce incorrecta en la funci\u00f3n user_registration_pro_delete_account(). Esto permite a atacantes no autenticados forzar la eliminaci\u00f3n de usuarios, incluidos administradores, mediante una solicitud falsificada, dado que pueden enga\u00f1ar al administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace."}], "id": "CVE-2025-3284", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-04-19T03:15:13.870", "references": [{"source": "security@wordfence.com", "url": "https://wpuserregistration.com/changelog/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4616b609-e8dc-4004-a5b7-2de3e83719be?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T01:42:29.982794+00:00", "value": {"mitigation_remediation": ["Upgrade the User Registration PRO plugin to version 5.1.4 or later.", "Add a custom code snippet to enforce nonce verification before executing the user deletion function to mitigate CSRF attacks until the official patch is applied.", "Conduct an audit of user accounts to detect any undeclared deletions and restore affected accounts from backup if necessary."], "summary": {"action": "Apply Patch", "impact": "Unrestricted user deletion via CSRF"}, "threat_synthesis": {"affected_systems": "WPEverest User Registration PRO \u2013 Custom Registration Form, Login Form, and User Profile WordPress Plugin versions 5.1.3 and earlier are affected.", "description_and_impact": "The User Registration PRO plugin allows unauthenticated attackers to delete any user, including administrators, because it lacks proper nonce validation in the user_registration_pro_delete_account() function. The flaw is a classic Cross\u2011Site Request Forgery that can be triggered by sending a forged request to the deletion endpoint.", "risk_and_exploitability": "The CVSS score of 4.3 indicates a moderate risk and the EPSS score of less than 1% suggests a low probability of exploitation in the wild. It is not listed in the CISA KEV catalog. The attack likely requires the victim to click a crafted link or submit a forged form to the vulnerable endpoint, which then processes the deletion without verifying the requester\u2019s intent or authenticity."}}}}, "created": "2026-04-22T01:45:05.625774+00:00", "updated": "2026-04-22T01:45:05.625786+00:00", "vendors": []}