CVE-2025-69292 - Vulnerability Details

Incorrect Privilege Assignment vulnerability in e-plugins WP Membership wp-membership allows Privilege Escalation.This issue affects WP Membership: from n/a through <= 1.6.4.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
E-plugins	Wp Membership
Wordpress	Wordpress

No data.

References

Link	Providers
https://patchstack.com/database/Wordpress/Plugin/wp-membership/vulnerability/wordpress-wp-membership-plugin-1-6-4-privilege-escalation-vulnerability?_s_id=cve

History

Fri, 23 Jan 2026 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		E-plugins E-plugins wp Membership Wordpress Wordpress wordpress
Vendors & Products		E-plugins E-plugins wp Membership Wordpress Wordpress wordpress

Thu, 22 Jan 2026 23:00:00 +0000

Type	Values Removed	Values Added
Description		Incorrect Privilege Assignment vulnerability in e-plugins WP Membership wp-membership allows Privilege Escalation.This issue affects WP Membership: from n/a through <= 1.6.4.
Title		WordPress WP Membership plugin <= 1.6.4 - Privilege Escalation vulnerability
Weaknesses		CWE-266
References		https://patchstack.com/database/Wordpress/Plugin/wp-membership/vulnerability/wordpress-wp-membership-plugin-1-6-4-privilege-escalation-vulnerability?_s_id=cve

MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2026-01-22T16:52:30.940Z

Updated: 2026-01-22T16:52:30.940Z

Reserved: 2025-12-31T20:11:57.532Z

Link: CVE-2025-69292

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-01-22T17:16:26.360

Modified: 2026-01-22T17:16:26.360

Link: CVE-2025-69292

Redhat

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object