118 matches found
WordPress plugin s2Member Pro 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-23878 · Unknown · S2Member Pro
Name of the Vulnerable Software and Affected Versions: s2Member Pro versions n/a through 240315 Description: The issue is related to Improper Privilege Management, which allows Privilege Escalation. Recommendations: For versions n/a through 240315, update to a version that addresses the Improper...
CVE-2024-0899
The s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 230815 via the API. This makes it possible for unauthenticated attackers ...
CVE-2024-0899 s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 230815 - Information Exposure
The s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 230815 via the API. This makes it possible for unauthenticated attackers ...
CVE-2024-0899 s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 230815 - Information Exposure
The s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 230815 via the API. This makes it possible for unauthenticated attackers ...
WordPress Plugin s2Member 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2024-15903 · WordPress · S2Member
Name of the Vulnerable Software and Affected Versions: s2Member plugin for WordPress versions prior to 230816 Description: The issue allows unauthenticated attackers to expose information via the API, making it possible to see the contents of posts and pages. Recommendations: For versions prior t...
WordPress s2Member plugin <= 240315 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin s2Member versions = 240315...
WordPress s2Member Pro Plugin <= 240315 is vulnerable to Privilege Escalation
Software s2Member Pro Type Plugin Vulnerable versions = 240315 Fixed in 240325 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-31237 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID db2e8d0fde5a Credits Ngô Thiê...
WordPress s2Member Pro Plugin <= 230815 is vulnerable to Sensitive Data Exposure
Software s2Member Pro Type Plugin Vulnerable versions = 230815 Fixed in 240315 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-0899 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 2b01d6ca4fd7 Credits Francesco Carlucci Required...
s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions < 240315 - Information Exposure
Description The s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 230815 via the API. This makes it possible for unauthenticate...
WordPress s2member Secure File Browser Plugin <= 0.4.16 - XSS
Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...
CVE-2011-5082
Cross-site scripting XSS vulnerability in the s2Member Pro plugin before 111220 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s2memberproauthnetcheckoutcoupon parameter aka Coupon Code field...
CVE-2011-5082
Cross-site scripting XSS vulnerability in the s2Member Pro plugin before 111220 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s2memberproauthnetcheckoutcoupon parameter aka Coupon Code field...
Cross site scripting
Cross-site scripting XSS vulnerability in the s2Member Pro plugin before 111220 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s2memberproauthnetcheckoutcoupon parameter aka Coupon Code field...
CVE-2011-5082
Cross-site scripting XSS vulnerability in the s2Member Pro plugin before 111220 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s2memberproauthnetcheckoutcoupon parameter aka Coupon Code field...
CVE-2011-5082
The CVE-2011-5082 vulnerability affects the WordPress plugin s2Member Pro (before version 111220). An XSS flaw allows remote attackers to inject arbitrary web script or HTML via the s2member_pro_authnet_checkout[coupon] parameter (Coupon Code field). This occurs in the plugin’s checkout handling ...
WordPress s2Member Pro Plugin
Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the "s2memberproauthnetcheckoutcoupon" parameter. Solution Update the plugin...