CVE-2026-1321

The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.20. This is due to the rcpsetupregistrationinit function accepting any membership level ID via the rcplevel POST parameter without validating that the leve...

CVE-2026-1321

The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.20. This is due to the rcpsetupregistrationinit function accepting any membership level ID via the rcplevel POST parameter without validating that the leve...

PT-2026-23412

The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.20. This is due to the rcp setup registration init function accepting any membership level ID via the rcp level POST parameter without validating that the...

EUVD-2023-59059

Malicious code in bioql PyPI...

EUVD-2022-34548

Malicious code in bioql PyPI...

CVE-2022-2273

The Simple Membership WordPress plugin before 4.1.3 does not properly validate the membershiplevel parameter when editing a profile, allowing members to escalate to a higher membership level by using a crafted POST request...

CVE-2022-2273

The Simple Membership WordPress plugin before 4.1.3 does not properly validate the membershiplevel parameter when editing a profile, allowing members to escalate to a higher membership level by using a crafted POST request...

CVE-2022-2273

The Simple Membership WordPress plugin before 4.1.3 does not properly validate the membershiplevel parameter when editing a profile, allowing members to escalate to a higher membership level by using a crafted POST request...

PT-2022-15649 · WordPress · Simple Membership

Name of the Vulnerable Software and Affected Versions: Simple Membership WordPress plugin versions prior to 4.1.3 Description: The issue arises from improper validation of the membership level parameter when editing a profile. This allows members to potentially escalate to a higher membership lev...

Simple Membership < 4.1.3 - Unauthenticated Membership Privilege Escalation

The plugin allows user to change their membership at the registration stage due to insufficient checking of a user supplied parameter. Note: This only affects membership from the plugin, not the WordPress role The request contains the levelidentifier parameter with the md52 value, where 2 is the...

Simple Membership < 4.1.3 - Membership Privilege Escalation

The plugin does not properly validate the membershiplevel parameter when editing a profile, allowing members to escalate to a higher membership level by using a crafted POST request. Note: This only affects membership from the plugin, not the WordPress role PoC To increase the level, the attacker...

Simple Membership < 4.1.3 - Membership Privilege Escalation

The plugin does not properly validate the membershiplevel parameter when editing a profile, allowing members to escalate to a higher membership level by using a crafted POST request. Note: This only affects membership from the plugin, not the WordPress role To increase the level, the attacker nee...

Simple Membership < 4.1.3 - Unauthenticated Membership Privilege Escalation

The plugin allows user to change their membership at the registration stage due to insufficient checking of a user supplied parameter. Note: This only affects membership from the plugin, not the WordPress role PoC The request contains the levelidentifier parameter with the md52 value, where 2 is...

WordPress Simple Membership Plugin < 3.8.5 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: Cross Site Request Forgery in Wordpress Simple Membership plugin Exploit Author: rubyman Vendor Homepage: https://wordpress.org/plugins/simple-membership/ wpvulndb : https://wpvulndb.com/vulnerabilities/9482 Version: 3.8.4 Teste...

WordPress Plugin Simple Membership 3.8.4 - Cross-Site Request Forgery

Exploit Title: Cross Site Request Forgery in Wordpress Simple Membership plugin Date: 2019-07-27 Exploit Author: rubyman Vendor Homepage: https://wordpress.org/plugins/simple-membership/ wpvulndb : https://wpvulndb.com/vulnerabilities/9482 Version: 3.8.4 Tested on: Windows 8.1 CVE : CVE-2019-1432...

WordPress Plugin Simple Membership 3.8.4 - Cross-Site Request Forgery

WordPress Plugin Simple Membership 3.8.4 - Cross-Site Request Forgery Exploit Title: Cross Site Request Forgery in Wordpress Simple Membership plugin Date: 2019-07-27 Exploit Author: rubyman Vendor Homepage: https://wordpress.org/plugins/simple-membership/ wpvulndb :...