Vulnerabilities > Simple Membership Plugin > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-01 | CVE-2022-2273 | Unspecified vulnerability in Simple-Membership-Plugin Simple Membership The Simple Membership WordPress plugin before 4.1.3 does not properly validate the membership_level parameter when editing a profile, allowing members to escalate to a higher membership level by using a crafted POST request. | 8.8 |
| 2019-08-14 | CVE-2016-10884 | Cross-Site Request Forgery (CSRF) vulnerability in Simple-Membership-Plugin Simple Membership The simple-membership plugin before 3.3.3 for WordPress has multiple CSRF issues. | 8.8 |
| 2019-07-28 | CVE-2019-14328 | Cross-Site Request Forgery (CSRF) vulnerability in Simple-Membership-Plugin Simple Membership The Simple Membership plugin before 3.8.5 for WordPress has CSRF affecting the Bulk Operation section. | 8.8 |