Vulnerabilities > Simple Membership Plugin > Simple Membership > 4.3.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-24 | CVE-2024-22308 | Open Redirect vulnerability in Simple-Membership-Plugin Simple Membership URL Redirection to Untrusted Site ('Open Redirect') vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through 4.4.1. | 6.1 |
| 2024-01-11 | CVE-2023-6882 | Cross-site Scripting vulnerability in Simple-Membership-Plugin Simple Membership The Simple Membership plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘environment_mode’ parameter in all versions up to, and including, 4.3.8 due to insufficient input sanitization and output escaping. | 6.1 |
| 2023-12-19 | CVE-2023-50376 | Cross-site Scripting vulnerability in Simple-Membership-Plugin Simple Membership Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in smp7, wp.Insider Simple Membership allows Reflected XSS.This issue affects Simple Membership: from n/a through 4.3.8. | 6.1 |
| 2023-09-06 | CVE-2023-4719 | Unspecified vulnerability in Simple-Membership-Plugin Simple Membership The Simple Membership plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `list_type` parameter in versions up to, and including, 4.3.5 due to insufficient input sanitization and output escaping. | 6.1 |