Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Lifecycle Timeline
2DescriptionCVE.org
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Registration user-registration allows Reflected XSS.This issue affects User Registration: from n/a through <= 5.1.5.
Analysis
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Registration user-registration allows Reflected XSS.This issue affects User Registration: from n/a through <= 5.1.5.
More in User Registration
View allThe User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to a hardcoded encryption key and
The User Registration WordPress plugin before 2.2.4.1 does not properly restrict the files to be uploaded via an AJAX ac
The User Registration WordPress plugin before 2.0.2 does not properly sanitise the user_registration_profile_pic_url val
The User Registration plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 3.0.1
The User Registration WordPress plugin before 3.0.4.2 does not sanitize and escape some of its settings, which could all
A privilege escalation vulnerability exists in the wpeverest User Registration WordPress plugin through version 4.4.9 du
Unauthenticated availability-impacting broken access control affects the ThemeGrill User Registration WordPress plugin v
The User Registration & Membership - Custom Registration Form, Login Form, and User Profile plugin for WordPress is vuln
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-26219