6 matches found
CVE-2023-41956
Improper Authentication vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through 4.3.4...
CVE-2023-41956
Improper Authentication vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through 4.3.4...
CVE-2023-41956 WordPress Simple Membership plugin <= 4.3.4 - Authenticated Account Takeover vulnerability
Improper Authentication vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through 4.3.4...
CVE-2023-41956 WordPress Simple Membership plugin <= 4.3.4 - Authenticated Account Takeover vulnerability
Improper Authentication vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through 4.3.4...
CVE-2023-41956
The CVE-2023-41956 entry concerns WordPress Simple Membership (smp7) with an Improper Authentication flaw that allowed an authenticated user to takeover accounts via the password reset flow. Affected versions are Simple Membership up to 4.3.4; patched in 4.3.5. Reports from NVD/Red Hat/Wordfence ...
WordPress Simple Membership Plugin <= 4.3.4 is vulnerable to Privilege Escalation
Software Simple Membership Type Plugin Vulnerable versions = 4.3.4 Fixed in 4.3.5 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-41956 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 9136913b17b8 Credits Rafie...