Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
simple-membership-plugin vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2016-10884
The simple-membership plugin prior to 3.3.3 for WordPress has multiple CSRF issues.
Simple-membership-plugin Simple Membership
8.8
CVSSv3
CVE-2019-14328
The Simple Membership plugin prior to 3.8.5 for WordPress has CSRF affecting the Bulk Operation section.
Simple-membership-plugin Simple Membership
1 EDB exploit
6.1
CVSSv3
CVE-2017-18499
The simple-membership plugin prior to 3.5.7 for WordPress has XSS.
Simple-membership-plugin Simple Membership
4.9
CVSSv3
CVE-2023-0254
The Simple Membership WP user Import plugin for WordPress is vulnerable to SQL Injection via the ‘orderby’ parameter in versions up to, and including, 1.7 due to insufficient escaping on the user supplied parameter. This makes it possible for authenticated attackers w...
Simple-membership-plugin Simple Membership Wp User Import
NA
CVE-2024-3730
The Simple Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'swpm_paypal_subscription_cancel_link' shortcode in all versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping on user ...
6.4
CVSSv3
CVE-2024-4383
The Simple Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'swpm_paypal_subscription_cancel_link' shortcode in all versions up to, and including, 4.4.5 due to insufficient input sanitization and output escaping on user ...
NA
CVE-2024-1985
The Simple Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Display Name' parameter in all versions up to, and including, 4.4.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated ma...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2