Vulnerabilities > S2Member

DATE CVE VULNERABILITY TITLE RISK
2025-02-15 CVE-2024-12562 Deserialization of Untrusted Data vulnerability in S2Member
The s2Member Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 241216 via deserialization of untrusted input from the 's2member_pro_remote_op' vulnerable parameter.
network
low complexity
s2member CWE-502
critical
9.8