Simple Membership Security Vulnerabilities and Issues — Simple Membership CVE List

Lucene search

Simple-membership-pluginSimple Membership

3 matches found

CVE•added 2024/11/21 2:15 p.m.•41 views

CVE-2024-11088

The Simple Membership plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5.5 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher...

7.5CVSS5.3AI score0.00189EPSS

CVE•added 2023/09/06 2:15 a.m.•33 views

CVE-2023-4719

The Simple Membership plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the list_type parameter in versions up to, and including, 4.3.5 due to insufficient input sanitization and output escaping. Using this vulnerability, unauthenticated attackers could inject arbitrary web s...

7.2CVSS6.2AI score0.00882EPSS

CVE•added 2023/12/19 9:15 a.m.•19 views

CVE-2023-50376

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in smp7, wp.Insider Simple Membership allows Reflected XSS.This issue affects Simple Membership: from n/a through 4.3.8.

7.1CVSS6.7AI score0.0011EPSS