CVE-2025-3292: 
WordPress vulnerability analysis and mitigation

The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.3. The vulnerability exists in the user_registration_update_profile_details() function due to missing validation on the 'user_id' user controlled key. This makes it possible for unauthenticated attackers to update other user's passwords if they have access to the user ID and email (NVD).

The vulnerability is classified as an Authorization Bypass Through User-Controlled Key (CWE-639). The issue has a CVSS v3.1 Base Score of 4.3 MEDIUM (Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N). The vulnerability stems from improper validation of the 'user_id' parameter in the user_registration_update_profile_details() function, allowing unauthorized access to user profile modification functionality (NVD).

When exploited, this vulnerability allows unauthenticated attackers to modify other users' passwords on the affected WordPress installations. The attacker needs to know both the target user's ID and email address to successfully exploit this vulnerability (NVD).

The vulnerability has been patched in version 4.1.4 of the User Registration & Membership plugin. Site administrators are strongly advised to update to this version or later. The patch includes additional user permission validation checks before allowing profile updates (WordPress Plugin).