PT-2026-1552 · WordPress · Wp-Members Membership Plugin
Thinnawarth Mathuros
Published 2026-01-07 · Updated 2026-01-07 · CVE-2025-12648
CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions
WP-Members Membership Plugin for WordPress versions up to and including 3.5.4.4
Description
The WP-Members Membership Plugin for WordPress stores user-uploaded files in predictable directories (wp-content/uploads/wpmembers/user_files/<user_id>/) without sufficient access controls. This allows unauthenticated attackers to directly access and download sensitive documents uploaded by site users by guessing or enumerating user ids and filenames. Basic directory listing protection (.htaccess with Options -Indexes) is insufficient to prevent access.
Recommendations
Versions prior to 3.5.4.4 should be updated.
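A local audit for the exposure described above, as an added example that is not part of the advisory or the plugin's code: it walks the upload directory on the server and reports files whose directories carry only Options -Indexes, or no .htaccess rule at all. It assumes Apache honors .htaccess files, treats a Require all denied / Deny from all line anywhere between a file's directory and the WordPress root as covering it, and does not model overrides or <Files> sections; the function names are illustrative.

```python
import re
import tempfile
from pathlib import Path

# Upload directory named in the advisory, relative to the WordPress root.
USER_FILES = Path("wp-content/uploads/wpmembers/user_files")
# Apache directives that refuse requests (2.4 and 2.2 syntax).
DENY_RE = re.compile(r"^\s*(Require\s+all\s+denied|Deny\s+from\s+all)\b", re.I | re.M)
NOINDEX_RE = re.compile(r"^\s*Options\b.*-Indexes\b", re.I | re.M)

def classify_htaccess(text):
    """Return 'denied', 'listing-only' or 'none' for one .htaccess body."""
    if DENY_RE.search(text):  # lines starting with '#' never match
        return "denied"
    if NOINDEX_RE.search(text):
        return "listing-only"
    return "none"

def effective_protection(wp_root, directory):
    """Strongest .htaccess state found from `directory` up to the WordPress root."""
    root, d, best = Path(wp_root).resolve(), Path(directory).resolve(), "none"
    while True:
        ht = d / ".htaccess"
        state = classify_htaccess(ht.read_text(errors="replace")) if ht.is_file() else "none"
        if state == "denied":
            return state
        if state == "listing-only":
            best = state
        if d == root or d.parent == d:
            return best
        d = d.parent

def audit(wp_root):
    """Return (path, state) for uploaded files that no deny rule covers."""
    base = Path(wp_root) / USER_FILES
    files = sorted(p for p in base.rglob("*") if p.is_file() and p.name != ".htaccess")
    states = ((f, effective_protection(wp_root, f.parent)) for f in files)
    return [(f.relative_to(wp_root).as_posix(), s) for f, s in states if s != "denied"]

if __name__ == "__main__":
    # Constructed sample tree: user 7 relies on Options -Indexes only, user 9 has a deny rule.
    with tempfile.TemporaryDirectory() as root:
        for uid, rule in (("7", "Options -Indexes\n"), ("9", "Require all denied\n")):
            d = Path(root) / USER_FILES / uid
            d.mkdir(parents=True)
            (d / ".htaccess").write_text(rule)
            (d / "passport.pdf").write_text("constructed sample\n")
        for path, state in audit(root):
            print(f"{state:13} {path}")
```

Run against a real install with audit("/path/to/wordpress"); any file reported as listing-only or none sits in a directory that depends on the protection the description calls insufficient.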
Fix
Files Accessible to External Parties
Weakness Enumeration
Related Identifiers
Affected Products
Wp-Members Membership Plugin