Lucene search
K

35 matches found

Patchstack
Patchstack
added 2025/02/22 4:5 p.m.4 views

WordPress s2Member Plugin <= 241216 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 Patchstack Alliance in WordPress Plugin s2Member versions = 241216...

7.1CVSS6.1AI score0.00294EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/20 8:25 a.m.8 views

CVE-2024-11376

The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 241114...

6.1CVSS6.3AI score0.00397EPSS
Exploits0References1
OSV
OSV
added 2025/02/18 8:15 a.m.4 views

CVE-2024-11376

The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 241114...

6.1CVSS7.4AI score0.00397EPSS
Exploits0References3
NVD
NVD
added 2025/02/18 8:15 a.m.17 views

CVE-2024-11376

The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 241114...

6.1CVSS0.00397EPSS
Exploits0References3
CVE
CVE
added 2025/02/18 7:28 a.m.53 views

CVE-2024-11376

CVE-2024-11376 : Affected software is the WordPress plugin “s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions”. The vulnerability is a Reflected Cross-Site Scripting (XSS) due to the use of add_query_arg without proper escaping, reported...

6.1CVSS6.4AI score0.00397EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/02/18 7:28 a.m.14 views

CVE-2024-11376 s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 241216 - Reflected Cross-Site Scripting

The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 241114...

6.1CVSS0.00397EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/18 7:28 a.m.10 views

CVE-2024-11376 s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 241216 - Reflected Cross-Site Scripting

The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 241114...

6.1CVSS6.1AI score0.00397EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/04 10:43 p.m.5 views

CVE-2024-8326

The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 241114 via the 'scgetdetails' function. This makes it possible for...

8.8CVSS6.5AI score0.00587EPSS
Exploits0References1
NVD
NVD
added 2024/12/17 10:15 a.m.21 views

CVE-2024-8326

The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 241114 via the 'scgetdetails' function. This makes it possible for...

8.8CVSS0.00587EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/12/17 9:22 a.m.10 views

CVE-2024-8326 s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 241114 - Authenticated (Contributor+) Sensitive Information Exposure

The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 241114 via the 'scgetdetails' function. This makes it possible for...

8.8CVSS6.5AI score0.00587EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/12/17 9:22 a.m.30 views

CVE-2024-8326 s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 241114 - Authenticated (Contributor+) Sensitive Information Exposure

The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 241114 via the 'scgetdetails' function. This makes it possible for...

8.8CVSS0.00587EPSS
Exploits0References5
CVE
CVE
added 2024/12/17 9:22 a.m.57 views

CVE-2024-8326

CVE-2024-8326 affects s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions (WordPress). The issue is Sensitive Information Exposure via the sc_get_details function in all versions up to 241114; authenticated users with Contributor+ access c...

8.8CVSS8.4AI score0.00587EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/12/17 12:0 a.m.5 views

WordPress plugin s2Member 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information...

8.8CVSS7.9AI score0.00587EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/12/17 12:0 a.m.3 views

PT-2024-38941 · WordPress · S2Member

Name of the Vulnerable Software and Affected Versions: s2Member plugin for WordPress versions up to, and including, 241114 Description: The issue allows authenticated attackers with Contributor-level access and above to extract sensitive data, including user data and database configuration...

8.8CVSS9.3AI score0.00587EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2024/05/17 8:53 a.m.23 views

CVE-2024-31237 WordPress s2Member plugin <= 240315 - Privilege Escalation vulnerability

Improper Privilege Management vulnerability in WP Sharks s2Member Pro allows Privilege Escalation.This issue affects s2Member Pro: from n/a through 240315...

7.5CVSS6.9AI score0.00417EPSS
Exploits0References1
Rows per page
Query Builder