CVE-2026-4136
Received Received - Intake
Unvalidated Redirect in Membership Plugin – Restrict Content WordPress

Publication date: 2026-03-20

Last updated on: 2026-03-20

Assigner: Wordfence

Description
The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Unvalidated Redirect in all versions up to, and including, 3.2.24. This is due to insufficient validation on the redirect url supplied via the 'rcp_redirect' parameter. This makes it possible for unauthenticated attackers to redirect users with the password reset email to potentially malicious sites if they can successfully trick them into performing an action.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-20
Last Modified
2026-03-20
Generated
2026-06-16
AI Q&A
2026-03-20
EPSS Evaluated
2026-06-14
NVD
CVE-2026-4136
EUVD
EUVD-2026-13521
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
restrict_content_pro restrict_content_pro to 3.2.24 (inc)
restrict_content_pro restrict_content_pro 3.2.25
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-640 The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability in the Membership Plugin – Restrict Content Pro for WordPress is an Unvalidated Redirect issue present in all versions up to and including 3.2.24. It occurs because the plugin does not properly validate the redirect URL provided via the 'rcp_redirect' parameter.

This flaw allows unauthenticated attackers to craft password reset emails that redirect users to potentially malicious websites if the users are tricked into performing certain actions.

Impact Analysis

This vulnerability can impact you by enabling attackers to redirect users to malicious sites through password reset emails. If users follow these redirects, they may be exposed to phishing attacks, malware, or other harmful content.

Because the redirect URL is not properly validated, attackers can exploit this to deceive users into visiting unsafe locations, potentially compromising user security and trust.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': "This vulnerability involves unvalidated redirects via the 'rcp_redirect' parameter in the Restrict Content Pro WordPress plugin up to version 3.2.24. Detection can focus on identifying HTTP requests containing this parameter with potentially malicious redirect URLs."}, {'type': 'paragraph', 'content': "To detect exploitation attempts on your network or system, you can monitor web server logs or use command-line tools to search for requests containing the 'rcp_redirect' parameter."}, {'type': 'list_item', 'content': "Use grep or similar tools on your web server access logs to find requests with 'rcp_redirect':\n grep -i 'rcp_redirect=' /var/log/apache2/access.log"}, {'type': 'list_item', 'content': "Use curl or wget to test if the plugin version is vulnerable by sending crafted POST requests with the 'rcp_redirect' parameter and observing if redirects to external URLs occur."}, {'type': 'list_item', 'content': 'Monitor for password reset emails or flows that include redirect URLs pointing to external or suspicious domains, which may indicate exploitation.'}] [2, 3]

Mitigation Strategies

[{'type': 'paragraph', 'content': 'The primary mitigation step is to update the Restrict Content Pro plugin to version 3.2.25 or later, where the vulnerability has been fixed by improving validation and sanitization of redirect URLs.'}, {'type': 'list_item', 'content': 'Upgrade the plugin from version 3.2.24 or earlier to 3.2.25 or newer.'}, {'type': 'list_item', 'content': "Ensure that all redirects use WordPress's safe redirect functions such as wp_safe_redirect() and that redirect URLs are validated with wp_validate_redirect()."}, {'type': 'list_item', 'content': 'If immediate upgrade is not possible, consider disabling password reset or login redirect features temporarily to reduce risk.'}, {'type': 'list_item', 'content': 'Monitor user activity and password reset flows for suspicious redirects or unauthorized actions.'}] [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-4136. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart