PT-2024-39507 · WordPress · Wp-Members Membership Plugin
Name of the Vulnerable Software and Affected Versions: WP-Members Membership Plugin versions up to, and including, 3.4.9.5 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg without appropriate escaping on the URL. This allows unauthenticated...