55 matches found
PT-2024-34409 · WordPress · Wp-Emember
Name of the Vulnerable Software and Affected Versions: wp-eMember WordPress plugin versions prior to 10.6.7 Description: The issue allows unauthenticated users to perform Stored Cross-Site Scripting attacks due to the lack of sanitization and escaping of certain fields during member registration...
WordPress plugin wp-eMember security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-37116 · WordPress · Wp-Emember
Name of the Vulnerable Software and Affected Versions: wp-eMember WordPress plugin versions prior to 10.6.7 Description: The issue concerns a Reflected Cross-Site Scripting problem. It arises because the $ SERVER'REQUEST URI' parameter is not properly escaped before being outputted back in an...
WordPress plugin wp-eMember security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-37092 · WordPress · Wp-Emember
Name of the Vulnerable Software and Affected Versions: wp-eMember WordPress plugin versions prior to 10.6.7 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being outputted back in the page...
WordPress plugin wp-eMember security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin wp-eMember security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-34404 · WordPress · Wp-Emember
Name of the Vulnerable Software and Affected Versions: wp-eMember WordPress plugin versions prior to 10.6.6 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being outputted back in the page...
WordPress plugin wp-eMember security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin wp-eMember security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-4749
The wp-eMember WordPress plugin before 10.3.9 does not sanitize and escape the "fieldId" parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
CVE-2024-4749
The wp-eMember WordPress plugin before 10.3.9 does not sanitize and escape the "fieldId" parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
CVE-2024-4749 WP eMember < 10.3.9 - Reflected XSS
The wp-eMember WordPress plugin before 10.3.9 does not sanitize and escape the "fieldId" parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
PT-2024-32634 · WordPress · Wp-Emember
Name of the Vulnerable Software and Affected Versions: wp-eMember WordPress plugin versions prior to 10.3.9 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because the fieldId parameter is not properly sanitized and escaped before being outputted back in t...
WP eMember < 10.3.9 - Reflected Cross-Site Scripting
Description The WooCommerce and WP eMember Integration plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 10.3.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...