CVE-2024-22308 WordPress Simple Membership Plugin <= 4.4.1 is vulnerable to Open Redirection

🗓️ 24 Jan 2024 11:59:37Reported by PatchstackType

WordPress Simple Membership Plugin has Open Redirection vulnerability

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2024-22308	24 Jan 202413:26	–	circl
CNNVD	WordPress plugin Simple Membership Input Validation Error Vulnerability	24 Jan 202400:00	–	cnnvd
CVE	CVE-2024-22308	24 Jan 202411:59	–	cve
EUVD	EUVD-2024-19869	3 Oct 202520:07	–	euvd
NVD	CVE-2024-22308	24 Jan 202412:15	–	nvd
Patchstack	WordPress Simple Membership Plugin <= 4.4.1 is vulnerable to Open Redirection	19 Jan 202400:00	–	patchstack
Prion	Open redirect	24 Jan 202412:15	–	prion
Positive Technologies	PT-2024-19330 · Unknown · Simple Membership	24 Jan 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-22308	23 May 202509:35	–	redhatcve
Vulnrichment	CVE-2024-22308 WordPress Simple Membership Plugin <= 4.4.1 is vulnerable to Open Redirection	24 Jan 202411:59	–	vulnrichment

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "simple-membership",
    "product": "Simple Membership",
    "vendor": "smp7, wp.insider",
    "versions": [
      {
        "changes": [
          {
            "at": "4.4.2",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "4.4.1",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/simple-membership/wordpress-simple-membership-plugin-4-4-1-open-redirection-vulnerability

28 Apr 2026 16:09Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.13.4

EPSS0.00279

CWE-601