Social Login Weakness in SetSail Membership Plugin for WordPress
CVE-2025-1564
9.8CRITICAL
What is CVE-2025-1564?
The SetSail Membership plugin for WordPress contains a significant vulnerability due to its failure to properly verify users' identities when logging in through social media accounts. This flaw allows attackers without authentication to gain unauthorized access to user accounts, potentially including those of administrators. As such, it raises serious security risks, necessitating prompt actions for users of the affected plugin versions to protect their accounts.
Affected Version(s)
SetSail Membership 0 <= 1.0.3