The User Registration plugin for WordPress is vulnerable to Sensitive Information Exposure due to hardcoded encryption key on the 'lock_content_form_handler' and 'display_password_form' function in versions up to, and including, 3.7.3. This makes it possible for unauthenticated malicious users to decrypt and view the password protected content.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wpdeveloper embedpress |