Description

WordPress Plugin Registration Forms-User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently reset passwords of random users if account id's are known. WordPress Plugin Registration Forms-User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes version 2.0.13 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 2.0.14 or latest

References

Related Vulnerabilities