Vulnerabilities > Memberful

DATE CVE VULNERABILITY TITLE RISK
2024-10-04 CVE-2024-9242 Cross-site Scripting vulnerability in Memberful
The Memberful – Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'memberful_buy_subscription_link' and 'memberful_podcasts_link' shortcodes in all versions up to, and including, 1.73.7 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
memberful CWE-79
5.4