cleantalk
Vulnerabilities and Security Researches

UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress, CVE-2025-67593

CVE, Research URL

CVE-2025-67593

Home page URL

Security reports for UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress

Application

UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress

Published on
Dec 09, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Stiofan UsersWP userswp allows Cross Site Request Forgery.This issue affects UsersWP: from n/a through <= 1.2.48.
Affected versions
max 1.2.49.
Status
vulnerable
Previous vulnerability researches
UsersWP &#8211; Front-end login form, User Registration, User Profile &amp; Members Directory plugin for WordPress (CVE-2025-66072) , Dec 11, 2025
UsersWP &#8211; Front-end login form, User Registration, User Profile &amp; Members Directory plugin for WordPress (CVE-2025-9344) , Aug 28, 2025
UsersWP &#8211; Front-end login form, User Registration, User Profile &amp; Members Directory plugin for WordPress (CVE-2026-25015) , Feb 27, 2026
UsersWP &#8211; Front-end login form, User Registration, User Profile &amp; Members Directory plugin for WordPress (CVE-2025-67593) , Jun 13, 2026
UsersWP &#8211; Front-end login form, User Registration, User Profile &amp; Members Directory plugin for WordPress (CVE-2022-0442) , Jun 06, 2024
New vulnerability
Advanced Import : One Click Import for WordPress or Theme Demo Data (CVE-2026-4328) , Jun 19, 2026
Falang multilanguage for WordPress (CVE-2026-54805) , Jun 19, 2026
SMS Alert Order Notifications &#8211; WooCommerce (CVE-2026-54803) , Jun 19, 2026
SMS Alert Order Notifications &#8211; WooCommerce (CVE-2026-54802) , Jun 19, 2026
Webhook Automator &amp; Form Integration to Automate 200+ Platforms – Bit Integrations (CVE-2026-11989) , Jun 19, 2026