CVE-2025-11167 | CM Registration Plugin up to 2.5.6 on WordPress redirect_url

October 11, 2025 Yanac

A vulnerability was found in CM Registration Plugin up to 2.5.6 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. Executing manipulation of the argument redirect_url can lead to open redirect.

This vulnerability is tracked as CVE-2025-11167. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More

CVE-2025-6553 | Ovatheme Events Manager Plugin up to 1.8.5 on WordPress process_checkout unrestricted upload
CVE-2025-8682 | Newsup Plugin up to 5.0.10 on WordPress Plugin Installation newsup_admin_info_install_plugin authorization