Lucene search
K
LiquidwebRestrict Content

4 matches found

CVE
CVE
added 2023/11/23 12:5 a.m.90 views

CVE-2023-47668

The CVE concerns the StellarWP Membership Plugin – Restrict Content, affecting versions ≤ 3.2.7. The root cause is exposure of sensitive information to an unauthorised actor via the plugin’s legacy log mechanism (noted as legacy rcp-debug.log exposure). Practical impact is unauthenticated access ...

7.5CVSS6.2AI score0.01009EPSS
CVE
CVE
added 2025/01/26 6:41 a.m.59 views

CVE-2024-11090

CVE-2024-11090 affects the WordPress plugin “Membership Plugin – Restrict Content” (WordPress). Exposed versions: all up to and including 3.2.13. Root cause: the WordPress core search feature does not properly restrict access, allowing unauthenticated users to read restricted content. Impact: sen...

7.5CVSS5.3AI score0.00439EPSS
CVE
CVE
added 2023/07/17 1:29 p.m.54 views

CVE-2023-3182

CVE-2023-3182 affects the Membership Plugin – Restrict Content for WordPress, prior to version 3.2.3. The root cause is improper sanitisation/escaping of a parameter before it is echoed back on the page, enabling a reflected XSS against high-privilege users (e.g., admins). Public sources in conne...

6.1CVSS6.1AI score0.0042EPSS
Web
CVE
CVE
added 2026/01/16 9:23 a.m.19 views

CVE-2025-14844

The CVE refers to the WordPress Membership Plugin – Restrict Content (versions through 3.2.16) with Missing Authentication to Insecure Direct Object Reference and Sensitive Information Exposure. The flaw resides in rcp_stripe_create_setup_intent_for_saved_card where there is no proper capability ...

8.2CVSS5.3AI score0.00419EPSS