CVE-2026-4136: CWE-640 Weak Password Recovery Mechanism for Forgotten Password in stellarwp Membership Plugin – Restrict Content
The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Unvalidated Redirect in all versions up to, and including, 3.2.24. This is due to insufficient validation on the redirect url supplied via the 'rcp_redirect' parameter. This makes it possible for unauthenticated attackers to redirect users with the password reset email to potentially malicious sites if they can successfully trick them into performing an action.
AI Analysis
Technical Summary
CVE-2026-4136 describes an unvalidated redirect vulnerability in the Membership Plugin – Restrict Content for WordPress. The issue arises from insufficient validation of the 'rcp_redirect' parameter, which is used in password reset emails. Attackers can leverage this flaw to redirect users to arbitrary external URLs, potentially leading to phishing or other malicious sites. This vulnerability affects all versions up to and including 3.2.24 and is categorized under CWE-640, indicating weaknesses in the password recovery process. The CVSS 3.1 base score is 4.3, with vector AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N, indicating network attack vector, low attack complexity, no privileges required, user interaction required, unchanged scope, no confidentiality or availability impact, and low integrity impact.
Potential Impact
The vulnerability allows unauthenticated attackers to redirect users who receive password reset emails to potentially malicious websites. This could facilitate phishing attacks or other social engineering exploits targeting users of the plugin. There is no direct impact on confidentiality or availability, and the integrity impact is low. No known exploits are reported in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — no official patch or remediation guidance is provided in the available data. Users should monitor the vendor's advisory for updates and apply any official fixes once released. Until then, caution should be exercised with password reset links, and users should verify URLs before clicking. No vendor advisory states that the issue is already mitigated or requires no action.
CVE-2026-4136: CWE-640 Weak Password Recovery Mechanism for Forgotten Password in stellarwp Membership Plugin – Restrict Content
Description
The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Unvalidated Redirect in all versions up to, and including, 3.2.24. This is due to insufficient validation on the redirect url supplied via the 'rcp_redirect' parameter. This makes it possible for unauthenticated attackers to redirect users with the password reset email to potentially malicious sites if they can successfully trick them into performing an action.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-4136 describes an unvalidated redirect vulnerability in the Membership Plugin – Restrict Content for WordPress. The issue arises from insufficient validation of the 'rcp_redirect' parameter, which is used in password reset emails. Attackers can leverage this flaw to redirect users to arbitrary external URLs, potentially leading to phishing or other malicious sites. This vulnerability affects all versions up to and including 3.2.24 and is categorized under CWE-640, indicating weaknesses in the password recovery process. The CVSS 3.1 base score is 4.3, with vector AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N, indicating network attack vector, low attack complexity, no privileges required, user interaction required, unchanged scope, no confidentiality or availability impact, and low integrity impact.
Potential Impact
The vulnerability allows unauthenticated attackers to redirect users who receive password reset emails to potentially malicious websites. This could facilitate phishing attacks or other social engineering exploits targeting users of the plugin. There is no direct impact on confidentiality or availability, and the integrity impact is low. No known exploits are reported in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — no official patch or remediation guidance is provided in the available data. Users should monitor the vendor's advisory for updates and apply any official fixes once released. Until then, caution should be exercised with password reset links, and users should verify URLs before clicking. No vendor advisory states that the issue is already mitigated or requires no action.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- Wordfence
- Date Reserved
- 2026-03-13T14:50:43.889Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 69bcc873e32a4fbe5f2a791b
Added to database: 3/20/2026, 4:09:23 AM
Last enriched: 4/9/2026, 11:37:03 AM
Last updated: 5/4/2026, 4:07:12 AM
Views: 84
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.