280 matches found
CVE-2023-39994
Missing Authorization vulnerability in Repute InfoSystems ARMember Premium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember Premium: from n/a through 5.9.2...
CVE-2023-3996
The ARMember Lite - Membership Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 4.0.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
CVE-2023-3011
The ARMember plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.0.5. This is due to missing or incorrect nonce validation on the armcheckusercap function. This makes it possible for unauthenticated attackers to perform multiple unauthorized action...
CVE-2023-47837
Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10...
CVE-2022-46808
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Repute Infosystems ARMember armember-membership allows SQL Injection.This issue affects ARMember: from n/a through 3.4.11...
CVE-2022-47421
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Repute InfoSystems ARMember free, Repute InfoSystems ARMember premium plugins...
CVE-2022-1903
The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover even the administrator due to missing nonce and authorization checks in an AJAX action available to unauthenticated users, allowing them to change the password of arbitrary users by knowing their username...
CVE-2022-47424
Cross-Site Request Forgery CSRF vulnerability in Repute InfoSystems ARMember, Repute InfoSystems ARMember Premium allows Cross-Site Request Forgery.This issue affects ARMember: from n/a through 4.0.5; ARMember Premium: from n/a before 6.7.1...
CVE-2022-47140
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Repute InfoSystems ARMember plugin = 4.0.1 versions...
CVE-2024-30222
Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26...
CVE-2024-30223
Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26...
CVE-2024-32948
Missing Authorization vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.28...
CVE-2023-39994
Missing Authorization vulnerability in reputeinfosystems ARMember Premium armember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember Premium: from n/a through = 5.9.2...
CVE-2023-39994
Missing Authorization vulnerability in Repute InfoSystems ARMember Premium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember Premium: from n/a through 5.9.2...
CVE-2023-39994
Missing Authorization vulnerability in Repute InfoSystems ARMember Premium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember Premium: from n/a through 5.9.2...
CVE-2023-39994 WordPress ARMember Premium plugin <= 5.9.2 - Broken Access Control
Missing Authorization vulnerability in reputeinfosystems ARMember Premium armember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember Premium: from n/a through = 5.9.2...
CVE-2023-39994 WordPress ARMember Premium plugin <= 5.9.2 - Broken Access Control
Missing Authorization vulnerability in Repute InfoSystems ARMember Premium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember Premium: from n/a through 5.9.2...
CVE-2023-39994
CVE-2023-39994 affects Repute InfoSystems ARMember Premium (WordPress plugin) up to version 5.9.2, via a Missing Authorization/Broken Access Control issue. The ARMember entry lists affected versions as
PT-2025-1447 · Repute Infosystems · Armember Premium
Name of the Vulnerable Software and Affected Versions: Repute InfoSystems ARMember Premium versions prior to 5.9.2 Description: The issue is related to a missing authorization vulnerability in Repute InfoSystems ARMember Premium, which allows exploiting incorrectly configured access control...
WordPress plugin ARMember Premium 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...