CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

Patchstack•added 2026/06/04 9:7 a.m.•8 views

WordPress ARMember Premium – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin <= 7.3.1 - Authenticated (Subscriber+) SQL Injection vulnerability

Authenticated Subscriber+ SQL Injection vulnerability discovered by h0xilo in WordPress Plugin ARMember Premium versions = 7.3.1...

6.5CVSS5.9AI score0.00241EPSS

Exploits1References1Affected Software1

Patchstack•added 2026/05/05 10:54 a.m.•3 views

WordPress ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin <= 4.0.60 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Yuvraj Tomar in WordPress Plugin ARMember versions = 4.0.60...

7.5CVSS5.9AI score0.00335EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/12/09 4:41 p.m.•22 views

CVE-2022-47425 WordPress ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin <= 3.4.10 - Broken Access Control

Missing Authorization vulnerability in Repute Infosystems ARMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember: from n/a through 3.4.10...

4.3CVSS0.00246EPSS

Exploits0References1

Patchstack•added 2024/03/26 12:0 a.m.•17 views

WordPress ARMember Plugin <= 4.0.26 is vulnerable to PHP Object Injection

Software ARMember Type Plugin Vulnerable versions = 4.0.26 Fixed in 4.0.27 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-30223 Patch priority High CVSS severity High 9 Developer Claim ownership PSID 8d16e0b0481c Credits LVT-tholv2k Required privilege Unauthenticated...

9.8CVSS6.8AI score0.00645EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2024/01/08 7:18 p.m.•3 views

CVE-2023-52200 WordPress ARMember Plugin <= 4.0.22 is vulnerable to Cross Site Request Forgery (CSRF) leading to PHP Object Injection

Cross-Site Request Forgery CSRF, Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup.This issue affects ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile &...

9.6CVSS9.6AI score0.0027EPSS

Exploits0References1

Patchstack•added 2024/01/03 12:0 a.m.•11 views

WordPress ARMember Plugin <= 4.0.22 is vulnerable to Cross Site Request Forgery (CSRF)

Software ARMember Type Plugin Vulnerable versions = 4.0.22 Fixed in 4.0.23 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-52200 Patch priority Low CVSS severity Low 9.6 Developer Claim ownership PSID 7905097651fa Credits Rafie Muhammad Patchstac...

9.8CVSS6.6AI score0.0027EPSS

Exploits0References2Affected Software1

Patchstack•added 2023/03/27 12:0 a.m.•15 views

WordPress ARMember Plugin <= 3.4.11 is vulnerable to SQL Injection

Software ARMember Type Plugin Vulnerable versions = 3.4.11 Fixed in 4.0 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2022-46808 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 69cdf488ab0c Credits Le Ngoc Anh Required privilege Unauthenticated Publishe...

9.8CVSS6.8AI score0.00639EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by