2023-06-27 01:55:28
Wordfence
PUBLISHED
The User Registration plugin for WordPress is vulnerable to Sensitive Information Exposure due to hardcoded encryption key on the lock_content_form_handler and display_password_form function in versions up to, and including, 3.7.3. This makes it possible for unauthenticated attackers to decrypt and view the password protected content.