WordPress Simple Membership Plugin <= 4.4.2 is vulnerable to Cross Site Scripting (XSS)

Software Simple Membership Type Plugin Vulnerable versions = 4.4.2 Fixed in 4.4.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1985 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 92a2812ee783 Credits stealthcopter Required...

CVE-2024-22308 WordPress Simple Membership Plugin <= 4.4.1 is vulnerable to Open Redirection

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through 4.4.1...