Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2025/09/24 6:30 p.m.2 views

CVE-2025-57973

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chad Butler WP-Members wp-members allows Stored XSS.This issue affects WP-Members: from n/a through = 3.5.4.2...

5.5CVSS5.9AI score0.00032EPSS
Exploits0References1
Patchstack
Patchstackadded 2025/09/22 7:5 p.m.3 views

WordPress WP-Members Plugin <= 3.5.4.2 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by theviper17 in WordPress Plugin WP-Members versions = 3.5.4.2...

5.5CVSS6AI score0.00032EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichmentadded 2025/09/22 6:24 p.m.1 views

CVE-2025-57973 WordPress WP-Members Plugin <= 3.5.4.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chad Butler WP-Members allows Stored XSS. This issue affects WP-Members: from n/a through 3.5.4.2...

5.5CVSS5.6AI score0.00032EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/09/22 6:24 p.m.8 views

CVE-2025-57973 WordPress WP-Members Plugin <= 3.5.4.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chad Butler WP-Members wp-members allows Stored XSS.This issue affects WP-Members: from n/a through = 3.5.4.2...

5.5CVSS0.00032EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/09/11 5:14 a.m.5 views

CVE-2025-9489

The The WP-Members Membership Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.5.4.2. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it...

5CVSS6.5AI score0.00108EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/09/09 4:25 a.m.2 views

CVE-2025-9489 WP-Members Membership Plugin <= 3.5.4.2 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Profile Names

The The WP-Members Membership Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.5.4.2. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it...

5CVSS5.9AI score0.00108EPSS
Exploits0References3
CVE
CVEadded 2025/09/09 4:25 a.m.17 views

CVE-2025-9489

CVE-2025-9489 affects the WP-Members Membership Plugin for WordPress. The vulnerability allowsAuthenticated users with Subscriber+ to execute arbitrary shortcodes via do_shortcode due to insufficient input validation in profile-related shortcode handling. Impact is arbitrary shortcode execution w...

5CVSS5.9AI score0.00108EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/09/09 12:0 a.m.2 views

PT-2025-36571

Name of the Vulnerable Software and Affected Versions: The WP-Members Membership Plugin versions prior to 3.5.4.3 Description: The WP-Members Membership Plugin is susceptible to arbitrary shortcode execution. This occurs because the software does not properly validate a value before running do...

5CVSS7AI score0.00108EPSS
Exploits0References8
Rows per page
Query Builder