3 matches found
CVE-2022-2273
The Simple Membership WordPress plugin before 4.1.3 does not properly validate the membershiplevel parameter when editing a profile, allowing members to escalate to a higher membership level by using a crafted POST request...
CVE-2022-2273
CVE-2022-2273 affects the WordPress Simple Membership plugin prior to 4.1.3. The root cause is improper validation of the membership_level parameter when editing a profile, which permits a crafted POST request to escalate a member’s privileges to a higher membership level. References indicate a c...
CVE-2022-2273 Simple Membership < 4.1.3 - Membership Privilege Escalation
The Simple Membership WordPress plugin before 4.1.3 does not properly validate the membershiplevel parameter when editing a profile, allowing members to escalate to a higher membership level by using a crafted POST request...