WordPress Memberful plugin <= 1.75.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Memberful - Membership Plugin versions = 1.75.0...

CVE-2025-58000 WordPress Memberful Plugin <= 1.75.0 - Broken Access Control Vulnerability

Missing Authorization vulnerability in memberful Memberful allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Memberful: from n/a through 1.75.0...

CVE-2025-58000

CVE-2025-58000 is a Missing Authorization vulnerability in the Memberful WordPress plugin (Memberful – Membership Plugin) that allows accessing functionality not properly constrained by ACLs. Affected software: Memberful, version range from unknown up through 1.75.0. Root cause: Missing authoriza...

CVE-2025-58000 WordPress Memberful plugin <= 1.75.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in memberful Memberful - Membership Plugin memberful-wp allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Memberful - Membership Plugin: from n/a through = 1.75.0...

WordPress plugin Memberful 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

CVE-2024-9242

The Memberful – Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'memberfulbuysubscriptionlink' and 'memberfulpodcastslink' shortcodes in all versions up to, and including, 1.73.7 due to insufficient input sanitization and output escaping on use...

CVE-2024-11294

The Memberful plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.73.9 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-leve...

CVE-2024-11294

The Memberful plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.73.9 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-leve...

CVE-2024-11294

CVE-2024-11294 affects Memberful – Membership Plugin for WordPress. Summary: Unauthenticated users could leverage WordPress core search to exfiltrate sensitive information from posts restricted to higher roles. Impact per data shows Confidentiality impact: Low; Authentication: None; Attack surfac...

CVE-2024-11294 Memberful <= 1.73.9 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure

The Memberful plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.73.9 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-leve...

PT-2024-16889 · WordPress · Memberful

Name of the Vulnerable Software and Affected Versions: Memberful plugin for WordPress versions up to, and including, 1.73.9 Description: The issue allows unauthenticated attackers to extract sensitive data from posts restricted to higher-level roles, such as site members, via the WordPress core...

WordPress Memberful plugin <= 1.73.9 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability

Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin Memberful - Membership Plugin versions = 1.73.9...

WordPress Memberful plugin <= 1.73.7 - Authenticated (contributor+) Stored Cross-Site Scripting vulnerability

Authenticated contributor+ Stored Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Memberful - Membership Plugin versions = 1.73.7...

WordPress plugin Memberful 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-39515 · WordPress · Memberful

Name of the Vulnerable Software and Affected Versions: Memberful – Membership Plugin versions up to, and including, 1.73.7 Description: The issue is a Stored Cross-Site Scripting vulnerability due to insufficient input sanitization and output escaping on user-supplied attributes in the plugin's...