6 matches found
CVE-2026-1321
The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.20. This is due to the rcpsetupregistrationinit function accepting any membership level ID via the rcplevel POST parameter without validating that the leve...
EUVD-2026-9796
The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.20. This is due to the rcpsetupregistrationinit function accepting any membership level ID via the rcplevel POST parameter without validating that the leve...
CVE-2026-1321 Membership Plugin – Restrict Content <= 3.2.20 - Unauthenticated Privilege Escalation via 'rcp_level'
The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.20. This is due to the rcpsetupregistrationinit function accepting any membership level ID via the rcplevel POST parameter without validating that the leve...
CVE-2026-1321
The CVE-2026-1321 entry affects the WordPress plugin “Membership Plugin – Restrict Content” (Restrict Content) and describes an unauthenticated privilege-escalation in all versions up to 3.2.20. The root cause is that rcp_setup_registration_init() accepts any membership level ID via the rcp_level...
CVE-2026-1321
The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.20. This is due to the rcpsetupregistrationinit function accepting any membership level ID via the rcplevel POST parameter without validating that the leve...
PT-2026-23412
The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.20. This is due to the rcp setup registration init function accepting any membership level ID via the rcp level POST parameter without validating that the...