3 matches found
WordPress Team Member Plugin <= 7.3 is vulnerable to Local File Inclusion
Software Team Member Type Plugin Vulnerable versions = 7.3 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-52385 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f127efd80d70 Credits João Pedro S Alcântara Kinorth Require...
CVE-2024-10223 HT Team Member <= 1.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via htteamember Shortcode
The WP Team – WordPress Team Member Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's htteamember shortcode in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
WordPress Team Member Plugin <= 4.4 is vulnerable to Cross Site Scripting (XSS)
Software Team Member Type Plugin Vulnerable versions = 4.4 Fixed in 4.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23647 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 58324d90afad Credits Rio Darmawan Required privilege...