WordPress Simple Membership <4.1.1 - Cross-Site Scripting

WordPress Simple Membership plugin before 4.1.1 contains a reflected cross-site scripting vulnerability. It does not properly sanitize and escape parameters before outputting them back in AJAX actions. id: CVE-2022-1724 info: name: WordPress Simple Membership 4.1.1 - Cross-Site Scripting author:...

CVE-2026-12093

The Simple Membership plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.7.5. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to deactivate arbitra...

EUVD-2026-37847

The Simple Membership plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.7.5. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to deactivate arbitra...

CVE-2026-12093

The CVE-2026-12093 entry concerns the WordPress Simple Membership plugin (versions up to and including 4.7.5). The root cause is missing authorization verification, enabling unauthenticated attackers to deactivate arbitrary member accounts by forging a charge.refunded Stripe webhook with a victim...

WordPress Simple Membership plugin <= 4.7.5 - Missing Authorization to Unauthenticated Arbitrary Member Account Deactivation vulnerability

Missing Authorization to Unauthenticated Arbitrary Member Account Deactivation vulnerability discovered by Nikita Fenko - self in WordPress Plugin Simple Membership versions = 4.7.5...

EUVD-2026-36917

Unauthenticated Broken Access Control in Simple Membership = 4.7.1 versions...

CVE-2026-42663

Unauthenticated Cross Site Scripting XSS in Simple Membership = 4.7.2 versions...

CVE-2026-34886

Unauthenticated Broken Access Control in Simple Membership = 4.7.1 versions...

CVE-2026-42663 WordPress Simple Membership plugin <= 4.7.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Simple Membership = 4.7.2 versions...

EUVD-2026-36828

Unauthenticated Cross Site Scripting XSS in Simple Membership = 4.7.2 versions...

CVE-2026-42663

CVE-2026-42663 affects WordPress plug‑in Simple Membership (versions ≤ 4.7.2). Unauthenticated Cross Site Scripting (XSS) vulnerability reported. Connected sources confirm the impact type but do not provide concrete exploit details, affected files, root cause, or remediation steps within the supp...

CVE-2026-34886 WordPress Simple Membership plugin <= 4.7.1 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Simple Membership = 4.7.1 versions...

CVE-2026-34886 WordPress Simple Membership plugin <= 4.7.1 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Simple Membership = 4.7.1 versions...

CVE-2026-34886

The CVE-2026-34886 entry affects WordPress WordPress Simple Membership plugin versions

PT-2026-49362

Unauthenticated Broken Access Control in Simple Membership = 4.7.1 versions...

PT-2026-49454

Unauthenticated Cross Site Scripting XSS in Simple Membership = 4.7.2 versions...

WordPress Simple Membership plugin <= 4.7.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by hhhai in WordPress Plugin Simple Membership versions = 4.7.2...

WordPress Simple Membership plugin <= 4.7.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin Simple Membership versions = 4.7.1...

WordPress Simple Membership plugin <= 4.7.0 - Unauthenticated Improper Handling of Missing Values vulnerability

Unauthenticated Improper Handling of Missing Values vulnerability discovered by 0N0ise - cert.pl in WordPress Plugin Simple Membership versions = 4.7.0...

CVE-2026-25308

Missing Authorization vulnerability in wp.insider Simple Membership simple-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Membership: from n/a through = 4.6.9...