4 matches found
CVE-2025-39579
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows DOM-Based XSS.This issue affects Membership For WooCommerce: from n/a through = 2.8.0...
WordPress Membership For WooCommerce plugin <= 2.8.0 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin Membership For WooCommerce versions = 2.8.0...
CVE-2025-39579 WordPress Membership For WooCommerce plugin <= 2.8.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows DOM-Based XSS.This issue affects Membership For WooCommerce: from n/a through = 2.8.0...
CVE-2025-39579
CVE-2025-39579 is a DOM-based XSS in WordPress plugin Membership For WooCommerce (versions up to 2.8.0). The vulnerability arises from improper input neutralization during web page generation and is exploitable by an authenticated user with low privileges, requiring user interaction. CVSS v3.1 ba...