CVE-2025-1475: WPCOM Member <= 1.7.5 - Authentication Bypass via 'user_phone'
First published: Fri Mar 07 2025(Updated: )
The WPCOM Member plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.5. This is due to insufficient verification on the 'user_phone' parameter when logging in. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if SMS login is enabled.
Credit: security@wordfence.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| WordPress WPCOM Member | <=1.7.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-1475?
CVE-2025-1475 is classified as a high severity vulnerability due to the potential for unauthorized access.
How do I fix CVE-2025-1475?
To fix CVE-2025-1475, update the WPCOM Member plugin to version 1.7.6 or later.
Who is affected by CVE-2025-1475?
All users of the WPCOM Member plugin for WordPress versions up to and including 1.7.5 are affected by CVE-2025-1475.
What causes CVE-2025-1475?
CVE-2025-1475 is caused by insufficient verification of the 'user_phone' parameter during login attempts.
Can an attacker exploit CVE-2025-1475 remotely?
Yes, an attacker can exploit CVE-2025-1475 remotely without needing authentication.
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/weakness
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/author
- agent/source
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/event
- vendor/wordpress
- canonical/wordpress wpcom member