4 matches found
EUVD-2026-43284
The User Registration & Membership WordPress plugin before 5.2.2 does not perform an authorization check on a membership-upgrade action and derives the user to modify from a caller-supplied identifier instead of the current user, allowing any authenticated user such as a subscriber to change...
CVE-2026-11963
Affected product: WordPress plugin “User Registration & Membership” (before 5.2.2). Vulnerability: Missing authorization check on a membership-upgrade action; the target user is derived from a caller-supplied identifier rather than the current user, enabling any authenticated user (e.g., a subscr...
phpcoupon-upgrade.txt
Discovered by freeprotect.net member Vendor site: http://phpcoupon.com ==================================== phpCoupon is Developed to provide an affordable and easy to operate local coupon websites for local and niche directory owners and entrepreneurs seeking income opportunites. It has a securi...
phpCoupon Vulnerabilities
Discovered by freeprotect.net member Vendor site: http://phpcoupon.com ==================================== phpCoupon is Developed to provide an affordable and easy to operate local coupon websites for local and niche directory owners and entrepreneurs seeking income opportunites. It has a securi...