25 matches found
CVE-2025-10648
The YourMembership Single Sign On – YM SSO Login plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'moymdisplaytestattributes' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to rea...
CVE-2025-10648
The YourMembership Single Sign On – YM SSO Login plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'moymdisplaytestattributes' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to rea...
CVE-2025-10648
CVE-2025-10648 concerns the WordPress plugin “Login with YourMembership – YM SSO Login”. The vulnerability arises from a missing capability check in the moym_display_test_attributes function, affecting all versions up to and including 1.1.7, enabling unauthenticated attackers to read the profile ...
CVE-2025-10648 Login with YourMembership - YM SSO Login <= 1.1.7 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'moym_display_test_attributes'
The YourMembership Single Sign On – YM SSO Login plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'moymdisplaytestattributes' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to rea...
CVE-2025-10648 Login with YourMembership - YM SSO Login <= 1.1.7 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'moym_display_test_attributes'
The YourMembership Single Sign On – YM SSO Login plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'moymdisplaytestattributes' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to rea...
EUVD-2025-34569
The YourMembership Single Sign On – YM SSO Login plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'moymdisplaytestattributes' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to rea...
WordPress Login with YourMembership - YM SSO Login plugin <= 1.1.7 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'moym_display_test_attributes' vulnerability
WordPress Login with YourMembership - YM SSO Login plugin = 1.1.7 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'moymdisplaytestattributes' vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin YourMembership Single Sign On versions = 1.1.7...
EUVD-2023-41814
Malicious code in bioql PyPI...
EUVD-2023-41813
Malicious code in bioql PyPI...
CVE-2023-37986
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in miniOrange YourMembership Single Sign On – YM SSO Login plugin = 1.1.3 versions...
CVE-2023-37987
Missing Authorization vulnerability in miniOrange YourMembership Single Sign On allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YourMembership Single Sign On: from n/a through 1.1.3...
CVE-2023-37987
Missing Authorization vulnerability in miniOrange YourMembership Single Sign On allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YourMembership Single Sign On: from n/a through 1.1.3...
CVE-2023-37987
Missing Authorization vulnerability in miniOrange YourMembership Single Sign On login-with-yourmembership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YourMembership Single Sign On: from n/a through = 1.1.3...
CVE-2023-37987 WordPress YourMembership Single Sign On plugin <= 1.1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in miniOrange YourMembership Single Sign On allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YourMembership Single Sign On: from n/a through 1.1.3...
CVE-2023-37987
CVE-2023-37987 refers to a Missing Authorization / Broken Access Control vulnerability in the miniOrange YourMembership Single Sign On (YourMembership SSO) plugin. Affected: WordPress YourMembership SSO, versions up to 1.1.3 (listed as n/a through 1.1.3). Impact: improper access control could all...
PT-2024-12673 · Miniorange · Miniorange Yourmembership Single Sign On
Name of the Vulnerable Software and Affected Versions: miniOrange YourMembership Single Sign On versions 1.1.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows the exploitation of incorrectly configured access control security levels...
WordPress plugin YourMembership Single Sign On 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...
CVE-2023-37986
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in miniOrange YourMembership Single Sign On – YM SSO Login plugin = 1.1.3 versions...
CVE-2023-37986
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in miniOrange YourMembership Single Sign On – YM SSO Login plugin = 1.1.3 versions...
CVE-2023-37986
CVE-2023-37986 affects the miniOrange YourMembership Single Sign On (YM SSO) Login WordPress plugin, versions