CVE-2025-4593 - Vulnerability Details

- WP Register Profile With Shortcode <= 3.6.2 - Authenticated (Contributor+) Sensitive Information Exposure

Description

The WP Register Profile With Shortcode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the 'rp_user_data' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data from user meta like hashed passwords, usernames, and more.

Published: 2025-07-11

Score: 6.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The WP Register Profile With Shortcode plugin, version 3.6.2 and earlier, is susceptible to a sensitive information exposure flaw. When the rp_user_data shortcode is used, any authenticated user with Contributor privileges or higher can retrieve user meta, including hashed passwords, usernames, and other sensitive details. This vulnerability would compromise confidentiality, allowing attackers to gain detailed knowledge of site accounts.

Affected Systems

The issue affects WordPress sites that have installed the WP Register Profile With Shortcode plugin from avimegladon and are running version 3.6.2 or older. Any site where users have Contributor or higher roles and where the shortcode is available can be impacted.

Risk and Exploitability

The CVSS score of 6.5 reflects a moderate impact. With an EPSS score below 1 percent, the probability of exploitation is low, and the vulnerability is not listed in CISA’s KEV catalog. It requires an authenticated user with at least Contributor access, so the attack vector is internal authenticated. Vulnerable sites must update the plugin or otherwise prevent Contributors from using the shortcode to mitigate the confidentiality risk.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

avimegladon

WP Register Profile With Shortcode

unaffected

Version	Status	Constraints
`0`	affected	≤ 3.6.2

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Identify all WordPress installations that use WP Register Profile With Shortcode 3.6.2 or earlier.
Upgrade the plugin to the latest release, which removes the rp_user_data shortcode flaw.
If an upgrade cannot be performed immediately, limit or disable the rp_user_data shortcode for Contributor and higher roles, or deactivate the plugin for those users to prevent data exposure.

Generated by OpenCVE AI on April 22, 2026 at 14:41 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2025-21119	The WP Register Profile With Shortcode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the 'rp_user_data' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data from user meta like hashed passwords, usernames, and more.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00073.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3324309%40wp-register-profile-with-shortcode&new=3324309%40wp-register-profile-with-shortcode&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/2ae7f5e3-7312-4fee-962b-3aecd8432557?source=cve

History

Fri, 11 Jul 2025 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 11 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics		epss `{'score': 0.00031}`

Fri, 11 Jul 2025 07:30:00 +0000

Type	Values Removed	Values Added
Description		The WP Register Profile With Shortcode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the 'rp_user_data' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data from user meta like hashed passwords, usernames, and more.
Title		WP Register Profile With Shortcode <= 3.6.2 - Authenticated (Contributor+) Sensitive Information Exposure
Weaknesses		CWE-200
References		https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3324309%40wp-register-profile-with-shortcode&new=3324309%40wp-register-profile-with-shortcode&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/2ae7f5e3-7312-4fee-962b-3aecd8432557?source=cve
Metrics		cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}`

Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2025-07-11T07:22:59.127Z

Updated: 2026-04-08T16:43:35.758Z

Reserved: 2025-05-12T15:32:43.438Z

Link: CVE-2025-4593

Vulnrichment

Updated: 2025-07-11T16:54:33.138Z

NVD

Status : Deferred

Published: 2025-07-11T08:15:23.157

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-4593

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T14:45:19Z

Weaknesses

CWE-200

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object