14 matches found
CVE-2024-0969
ARMember for WordPress
CVE-2024-32948
CVE-2024-32948 corresponds to a Missing Authorization vulnerability in ARMember (Repute Infosystems) affecting ARMember up to version 4.0.28. The vulnerability is categorized as network-exploitable with no user interaction, enabling an attacker with no privileges to access or modify restricted re...
CVE-2024-30223
CVE-2024-30223 affects the WordPress ARMember plugin up to version 4.0.26, caused by unauthenticated PHP Object Injection via deserialization of untrusted input. Affected component: ARMember (WordPress plugin). Root cause: deserialization of untrusted data leading to PHP object injection. Impact ...
CVE-2024-27995
CVE-2024-27995 (ARMember) : The vulnerability is an authenticated (Administrator+) stored cross-site scripting flaw in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup. The issue arises from improper neutralization of input during web...
CVE-2024-30222
CVE-2024-30222 affects ARMember WordPress plugin versions
CVE-2023-51356
CVE-2023-51356 corresponds to an Imp roper Privilege Management vulnerability in Repute Infosystems ARMember (WordPress plugin) affecting ARMember up to version 4.0.10. The issue allows Privilege Escalation for authenticated users (Subscriber+). The CVE details in connected sources indicate that ...
CVE-2022-46808
CVE-2022-46808 affects ARMember (armember-membership) for WordPress. Description confirms an unauthenticated SQL Injection due to improper neutralization, impacting ARMember versions up to 3.4.11. The vulnerability is classified as high severity (NVD metrics show CVSS v3.1 base score 9.8; PatchSt...
CVE-2022-47424
CVE-2022-47424 is a CSRF vulnerability in Repute InfoSystems ARMember (and ARMember Premium). Affected: ARMember up to version 4.0.5; ARMember Premium up to 6.7.0.x (before 6.7.1). Root cause is Cross-Site Request Forgery enabling unauthorized actions. Remediation: update ARMember to 4.0.6 or lat...
CVE-2023-39994
CVE-2023-39994 affects Repute InfoSystems ARMember Premium (WordPress plugin) up to version 5.9.2, via a Missing Authorization/Broken Access Control issue. The ARMember entry lists affected versions as
CVE-2023-33323
CVE-2023-33323 describes a Stored XSS in Repute InfoSystems ARMember plugin for WordPress, affecting versions
CVE-2023-52200
CVE-2023-52200 affects ARMember
CVE-2022-47140
CVE-2022-47140: Unauthenticated reflected XSS in Repute InfoSystems ARMember WordPress plugin prior to 4.0.1. Affected software: ARMember plugin for WordPress (versions
CVE-2023-47837
CVE-2023-47837 . Affected: WordPress ARMember plugin versions up to and including 4.0.10. Issue: Improper Privilege Management allowing Privilege Escalation for subscribers with low privileges. Root cause and impact as described in connected sources align on a membership plan bypass vulnerability...
CVE-2022-47425
ARMember for WordPress