6 matches found
WordPress ProfilePress plugin <= 4.16.12 - Missing Authorization to Authenticated (Subscriber+) Inactive Membership Plan Subscription vulnerability
Missing Authorization to Authenticated Subscriber+ Inactive Membership Plan Subscription vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin ProfilePress versions = 4.16.12...
CVE-2024-10518
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.15 does not sanitise and escape some of its Membership Plan settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting...
CVE-2024-10518 ProfilePress < 4.15.15 - Admin+ Stored XSS
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.15 does not sanitise and escape some of its Membership Plan settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting...
CVE-2023-47837 WordPress ARMember plugin <= 4.0.10 - Membership Plan Bypass vulnerability
Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10...
CVE-2023-47837 WordPress ARMember plugin <= 4.0.10 - Membership Plan Bypass vulnerability
Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10...
MLM Membership Plan Script 2.0.5 - SQL Injection
MLM Membership Plan Script 2.0.5 - SQL Injection Exploit Title: MLM Membership Plan Script v2.0.5 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/mlm-membership-plan-script/ Demo:...