27 matches found
EUVD-2025-30656
Malicious code in bioql PyPI...
CVE-2025-58000
Missing Authorization vulnerability in memberful Memberful - Membership Plugin memberful-wp allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Memberful - Membership Plugin: from n/a through = 1.75.0...
CVE-2025-58000
Missing Authorization vulnerability in memberful Memberful - Membership Plugin memberful-wp allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Memberful - Membership Plugin: from n/a through = 1.75.0...
WordPress Memberful plugin <= 1.75.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Memberful - Membership Plugin versions = 1.75.0...
CVE-2025-58000 WordPress Memberful Plugin <= 1.75.0 - Broken Access Control Vulnerability
Missing Authorization vulnerability in memberful Memberful allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Memberful: from n/a through 1.75.0...
CVE-2025-58000
CVE-2025-58000 is a Missing Authorization vulnerability in the Memberful WordPress plugin (Memberful – Membership Plugin) that allows accessing functionality not properly constrained by ACLs. Affected software: Memberful, version range from unknown up through 1.75.0. Root cause: Missing authoriza...
CVE-2025-58000 WordPress Memberful plugin <= 1.75.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in memberful Memberful - Membership Plugin memberful-wp allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Memberful - Membership Plugin: from n/a through = 1.75.0...
WordPress plugin Memberful 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-38850
Name of the Vulnerable Software and Affected Versions Memberful versions through 1.75.0 Description A missing authorization issue exists in Memberful, allowing access to functionality that is not properly constrained by Access Control Lists ACLs. Recommendations Update to a version later than...
CVE-2024-9242
The Memberful – Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'memberfulbuysubscriptionlink' and 'memberfulpodcastslink' shortcodes in all versions up to, and including, 1.73.7 due to insufficient input sanitization and output escaping on use...
CVE-2024-11294
The Memberful plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.73.9 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-leve...
CVE-2024-11294
The Memberful plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.73.9 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-leve...
CVE-2024-11294
CVE-2024-11294 affects Memberful – Membership Plugin for WordPress. Summary: Unauthenticated users could leverage WordPress core search to exfiltrate sensitive information from posts restricted to higher roles. Impact per data shows Confidentiality impact: Low; Authentication: None; Attack surfac...
CVE-2024-11294 Memberful <= 1.73.9 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure
The Memberful plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.73.9 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-leve...
CVE-2024-11294 Memberful <= 1.73.9 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure
The Memberful plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.73.9 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-leve...
WordPress plugin Memberful 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...
PT-2024-16889 · WordPress · Memberful
Name of the Vulnerable Software and Affected Versions: Memberful plugin for WordPress versions up to, and including, 1.73.9 Description: The issue allows unauthenticated attackers to extract sensitive data from posts restricted to higher-level roles, such as site members, via the WordPress core...
WordPress Memberful plugin <= 1.73.9 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability
Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin Memberful - Membership Plugin versions = 1.73.9...
CVE-2024-9242
The Memberful – Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'memberfulbuysubscriptionlink' and 'memberfulpodcastslink' shortcodes in all versions up to, and including, 1.73.7 due to insufficient input sanitization and output escaping on use...
CVE-2024-9242
The Memberful – Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'memberfulbuysubscriptionlink' and 'memberfulpodcastslink' shortcodes in all versions up to, and including, 1.73.7 due to insufficient input sanitization and output escaping on use...