Description
The FindAll Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.4. This is due to the plugin not properly logging in a user with the data that was previously verified through the 'findall_membership_check_facebook_user' and the 'findall_membership_check_google_user' functions. This makes it possible for unauthenticated attackers to log in as administrative users, as long as they have an existing account on the site which can easily be created by default through the temp user functionality, and access to the administrative user's email.
Published: 2025-11-27
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Authentication Bypass
Action: Patch
AI Analysis

Impact

The FindAll Membership WordPress plugin is vulnerable to an authentication bypass that allows an attacker to log into administrative accounts without valid credentials. The flaw exists because the plugin does not properly log the user in with the identity data that was previously verified by findall_membership_check_facebook_user and findall_membership_check_google_user. As a result, any user who can create a temporary account and has access to the administrative user's email can become an administrator. This vulnerability could allow control over the entire website, including content, site settings, and sensitive data. The weakness maps to CWE-288.

Affected Systems

This flaw is present in all releases of the FindAll Membership plugin up through version 1.0.4 distributed by Elated Themes. Users deploying the plugin on WordPress sites should review the plugin version and apply any available security updates. No specific WordPress core versions are mentioned as affected, so the vulnerability is confined to the plugin itself.

Risk and Exploitability

The CVSS score of 9.8 marks it as critical, while the EPSS score of less than 1% suggests a low current exploitation likelihood. The vulnerability is not yet listed in CISA KEV. Attackers would need an account on the site, which the temporary user functionality creates by default, and access to the victim administrator's email address, implying a moderate effort and a social engineering component. However, the high severity indicates that, once exploited, the flaw can lead to complete site compromise.

Generated by OpenCVE AI on April 21, 2026 at 01:16 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the FindAll Membership plugin to version 1.0.5 or later.
  • Disable the temporary user creation feature and block social login functions if an update is not immediately available.
  • Restrict access to administrative user accounts and ensure that admin email addresses are not exposed via public interfaces.


Advisories

No advisories yet.

History

Fri, 28 Nov 2025 20:15:00 +0000

Type: Metrics (ssvc)
Values Added: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 27 Nov 2025 16:30:00 +0000

Type: First Time appeared
Values Added: Elated Themes; Elated Themes findall Membership; Wordpress; Wordpress wordpress

Type: Vendors & Products
Values Added: Elated Themes; Elated Themes findall Membership; Wordpress; Wordpress wordpress

Thu, 27 Nov 2025 04:45:00 +0000

Type: Description
Values Added: The FindAll Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.4. This is due to the plugin not properly logging in a user with the data that was previously verified through the 'findall_membership_check_facebook_user' and the 'findall_membership_check_google_user' functions. This makes it possible for unauthenticated attackers to log in as administrative users, as long as they have an existing account on the site which can easily be created by default through the temp user functionality, and access to the administrative user's email.

Type: Title
Values Added: FindAll Membership <= 1.0.4 - Authentication Bypass via Social Login

Type: Weaknesses
Values Added: CWE-288

Type: References

Type: Metrics (cvssV3_1)
Values Added: {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:13:52.337Z

Reserved: 2025-11-22T05:13:16.600Z

Link: CVE-2025-13539

Vulnrichment

Updated: 2025-11-28T14:42:04.443Z

NVD

Status : Deferred

Published: 2025-11-27T05:16:13.333

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-13539

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-21T01:30:24Z

Weaknesses