Lucene search
+L

2903 matches found

NVD
NVD
added yesterday7 views

CVE-2026-63097

Dendrite through 0.13.8 contains an improper access control vulnerability in the syncapi /context endpoint syncapi/routing/context.go that allows authenticated local users to access post-leave room state events by exploiting a flawed membership check that evaluates only the RoomExists field while...

5.3CVSS
Exploits0References2
EUVD
EUVD
added yesterday6 views

EUVD-2026-45195

Dendrite through 0.13.8 contains an improper access control vulnerability in the syncapi /context endpoint syncapi/routing/context.go that allows authenticated local users to access post-leave room state events by exploiting a flawed membership check that evaluates only the RoomExists field while...

5.3CVSS5.4AI score
Exploits0References2
CVE
CVE
added yesterday9 views

CVE-2026-63097

Dendrite 0.13.8 is affected by an improper access-control in the syncapi /context endpoint (syncapi/routing/context.go). The flaw uses a flawed membership check that only considers RoomExists, ignoring IsInRoom, HasBeenInRoom, and Membership fields, allowing authenticated local users who have lef...

5.3CVSS5.4AI score
Exploits0References2
NVD
NVD
added yesterday6 views

CVE-2026-11961

The User Registration & Membership WordPress plugin before 5.2.3 does not validate that the membership tier submitted during public registration is one of the tiers allowed by the registration form before assigning that tier's associated user role, allowing unauthenticated users to register into ...

8.1CVSS0.00137EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday16 views

CVE-2026-11961 User Registration & Membership < 5.2.3 - Unauthenticated Privilege Escalation via Unbound members_data Membership ID

The User Registration & Membership WordPress plugin before 5.2.3 does not validate that the membership tier submitted during public registration is one of the tiers allowed by the registration form before assigning that tier's associated user role, allowing unauthenticated users to register into ...

0.00137EPSS
Exploits0References1
CVE
CVE
added yesterday18 views

CVE-2026-11961

CVE-2026-11961 affects the WordPress plugin User Registration & Membership (pre-5.2.3). The vulnerability arises because the registration form does not validate that the submitted membership tier is among the allowed tiers before assigning the corresponding user role. This allows unauthenticated ...

8.1CVSS6.1AI score0.00137EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added yesterday4 views

CVE-2026-11961 User Registration & Membership < 5.2.3 - Unauthenticated Privilege Escalation via Unbound members_data Membership ID

The User Registration & Membership WordPress plugin before 5.2.3 does not validate that the membership tier submitted during public registration is one of the tiers allowed by the registration form before assigning that tier's associated user role, allowing unauthenticated users to register into ...

5.4AI score0.00137EPSS
Exploits0References1
EUVD
EUVD
added yesterday6 views

EUVD-2026-45146

The User Registration & Membership WordPress plugin before 5.2.3 does not validate that the membership tier submitted during public registration is one of the tiers allowed by the registration form before assigning that tier's associated user role, allowing unauthenticated users to register into ...

8.1CVSS5.4AI score0.00137EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-11961

The User Registration & Membership WordPress plugin before 5.2.3 does not validate that the membership tier submitted during public registration is one of the tiers allowed by the registration form before assigning that tier's associated user role, allowing unauthenticated users to register into ...

5.4AI score0.00137EPSS
Exploits0References1
Nuclei
Nuclei
added yesterday75 views

ARMember < 3.4.8 - Unauthenticated Admin Account Takeover

The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover even the administrator due to missing nonce and authorization checks in an AJAX action available to unauthenticated users, allowing them to change the password of arbitrary users by knowing their username. id:...

8.1CVSS7.9AI score0.0852EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday50 views

WordPress Simple Membership <4.1.1 - Cross-Site Scripting

WordPress Simple Membership plugin before 4.1.1 contains a reflected cross-site scripting vulnerability. It does not properly sanitize and escape parameters before outputting them back in AJAX actions. id: CVE-2022-1724 info: name: WordPress Simple Membership 4.1.1 - Cross-Site Scripting author:...

6.1CVSS5.8AI score0.01693EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday50 views

Membership Database <= 1.0 - Cross-Site Scripting

Membership Database before 1.0 is susceptible to cross-site scripting via the tab parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker t...

6.1CVSS6.9AI score0.0085EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday32 views

WCFM Membership <= 2.10.0 - Broken Access Control

The WCFM Membership plugin for WordPress is vulnerable to unauthorized modification and access of data in versions up to, and including, 2.10.0 due to missing capability checks true the AJAX actions: wcfm-memberships, wcfm-memberships-manage, and wcfm-memberships-settings. id: CVE-2022-4940 info:...

7.3CVSS7AI score0.01084EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday11 views

User Registration & Membership WordPress plugin - Open Redirect

User Registration & Membership WordPress plugin = 5.1.4 contains an open redirect caused by insufficient validation of 'redirecttoonlogout' parameter, letting attackers redirect users to malicious external URLs after logout, exploit requires crafted URL. id: CVE-2026-6203 info: name: User...

6.1CVSS5.2AI score0.00663EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-60790

Dendrite through 0.13.8 contains an improper access control vulnerability in the syncapi /context endpoint syncapi/routing/context.go that allows authenticated local users to access post-leave room state events by exploiting a flawed membership check that evaluates only the RoomExists field while...

5.3CVSS5.3AI score
Exploits0References3
NVD
NVD
added 5 days ago3 views

CVE-2026-57709

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows Path Traversal.This issue affects Membership For WooCommerce: from n/a through = 3.1.0...

8.6CVSS0.00382EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-43284

The User Registration & Membership WordPress plugin before 5.2.2 does not perform an authorization check on a membership-upgrade action and derives the user to modify from a caller-supplied identifier instead of the current user, allowing any authenticated user such as a subscriber to change...

8.1CVSS6.1AI score0.00201EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 5 days ago2 views

CVE-2026-57709

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows Path Traversal.This issue affects Membership For WooCommerce: from n/a through = 3.1.0...

8.6CVSS6.1AI score0.00382EPSS
Exploits0References2
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-57709 WordPress Membership For WooCommerce plugin <= 3.1.0 - Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows Path Traversal.This issue affects Membership For WooCommerce: from n/a through = 3.1.0...

8.6CVSS0.00382EPSS
Exploits0References1
CVE
CVE
added 5 days ago11 views

CVE-2026-57709

CVE-2026-57709 affects the WordPress plugin WP Swings Membership For WooCommerce (Membership For WooCommerce) up to version 3.1.0. The issue is a path traversal vulnerability caused by improper limitation of a pathname to a restricted directory, enabling arbitrary file deletion. CVSS v3.1 base sc...

8.6CVSS6.1AI score0.00382EPSS
Exploits0References1
Rows per page
Query Builder