9 matches found
CVE-2026-1304
The Membership Plugin – Restrict Content for WordPress is vulnerable to Stored Cross-Site Scripting via multiple invoice settings fields in all versions up to, and including, 3.2.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...
CVE-2026-1304
The Membership Plugin – Restrict Content for WordPress is vulnerable to Stored Cross-Site Scripting via multiple invoice settings fields in all versions up to, and including, 3.2.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...
CVE-2026-1304 Membership Plugin – Restrict Content <= 3.2.18 - Authenticated (Administrator+) Stored Cross-Site Scripting via Invoice Settings
The Membership Plugin – Restrict Content for WordPress is vulnerable to Stored Cross-Site Scripting via multiple invoice settings fields in all versions up to, and including, 3.2.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...
CVE-2026-1304
CVE-2026-1304 concerns the WordPress plugin “Membership Plugin – Restrict Content for WordPress.” The issue is a Stored Cross-Site Scripting (Stored XSS) in multiple invoice settings fields across all versions up to 3.2.18, caused by insufficient input sanitization and output escaping. The vulner...
CVE-2026-1304 Membership Plugin – Restrict Content <= 3.2.18 - Authenticated (Administrator+) Stored Cross-Site Scripting via Invoice Settings
The Membership Plugin – Restrict Content for WordPress is vulnerable to Stored Cross-Site Scripting via multiple invoice settings fields in all versions up to, and including, 3.2.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...
PT-2026-20275
The Membership Plugin – Restrict Content for WordPress is vulnerable to Stored Cross-Site Scripting via multiple invoice settings fields in all versions up to, and including, 3.2.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...
WordPress plugin Membership Plugin – Restrict Content for WordPress 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
WordPress Membership Plugin - Restrict Content plugin <= 3.2.18 - Authenticated (Administrator+) Stored Cross-Site Scripting via Invoice Settings vulnerability
WordPress Membership Plugin - Restrict Content plugin = 3.2.18 - Authenticated Administrator+ Stored Cross-Site Scripting via Invoice Settings vulnerability discovered by Miguel Santareno in WordPress Plugin Restrict Content versions = 3.2.18...
WHMCS 4.5.2 SQL Injection
Title: WHMCS 4.x SQL Injection Vulnerability Google Dork: intext:"Powered by WHMCompleteSolution" OR inurl:"submitticket.php" Author: Ahmed Aboul-Ela Contact: Ahmed.Aboul3laatgmaildotcom Date: 14/5/2013 Vendor: http://www.whmcs.com Version: 4.5.2 and perior versions should be affected too Teste...