Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
simple-membership-plugin vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2022-1724
The Simple Membership WordPress plugin prior to 4.1.1 does not properly sanitise and escape parameters before outputting them back in AJAX actions, leading to Reflected Cross-Site Scripting
Simple-membership-plugin Simple Membership
4.3
CVSSv2
CVE-2022-0681
The Simple Membership WordPress plugin prior to 4.1.0 does not have CSRF check in place when deleting Transactions, which could allow malicious users to make a logged in admin delete arbitrary transactions via a CSRF attack
Simple-membership-plugin Simple Membership
4.3
CVSSv2
CVE-2022-0328
The Simple Membership WordPress plugin prior to 4.0.9 does not have CSRF check when deleting members in bulk, which could allow malicious users to make a logged in admin delete them via a CSRF attack
Simple-membership-plugin Simple Membership
6.8
CVSSv2
CVE-2016-10884
The simple-membership plugin prior to 3.3.3 for WordPress has multiple CSRF issues.
Simple-membership-plugin Simple Membership
4.3
CVSSv2
CVE-2017-18499
The simple-membership plugin prior to 3.5.7 for WordPress has XSS.
Simple-membership-plugin Simple Membership
6.8
CVSSv2
CVE-2019-14328
The Simple Membership plugin prior to 3.8.5 for WordPress has CSRF affecting the Bulk Operation section.
Simple-membership-plugin Simple Membership
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2