Vulnerabilities > Caseproof > Memberpress > 1.11.18

DATE CVE VULNERABILITY TITLE RISK
2025-04-22 CVE-2024-11299 Information Exposure vulnerability in Caseproof Memberpress
The Memberpress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.37 via the WordPress core search feature.
network
low complexity
caseproof CWE-200
7.5
7.5
2024-05-22 CVE-2024-5025 Cross-site Scripting vulnerability in Caseproof Memberpress
The Memberpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘arglist’ parameter in all versions up to, and including, 1.11.29 due to insufficient input sanitization and output escaping.
network
low complexity
caseproof CWE-79
5.4
5.4
2024-05-22 CVE-2024-5031 Server-Side Request Forgery (SSRF) vulnerability in Caseproof Memberpress
The Memberpress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.11.29 via the 'mepr-user-file' shortcode.
network
low complexity
caseproof CWE-918
6.4
6.4
2024-04-09 CVE-2024-1412 Cross-site Scripting vulnerability in Caseproof Memberpress
The Memberpress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘message’ and 'error' parameters in all versions up to, and including, 1.11.26 due to insufficient input sanitization and output escaping.
network
low complexity
caseproof CWE-79
6.1
6.1