Vulnerabilities > WP Members Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-04 | CVE-2023-6733 | Missing Authorization vulnerability in Wp-Members Project Wp-Members The WP-Members Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.8 via the wpmem_field shortcode. | 6.5 |
2023-07-12 | CVE-2023-2869 | Unspecified vulnerability in Wp-Members Project Wp-Members The WP-Members Membership plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the do_field_reorder function in versions up to, and including, 3.4.7.3. | 4.3 |
2019-08-27 | CVE-2019-15660 | Cross-Site Request Forgery (CSRF) vulnerability in Wp-Members Project Wp-Members The wp-members plugin before 3.2.8 for WordPress has CSRF. | 6.8 |
2017-07-07 | CVE-2017-2222 | Cross-site Scripting vulnerability in Wp-Members Project Wp-Members 3.1.7 Cross-site scripting vulnerability in WP-Members prior to version 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |