Vulnerabilities > WP Members Project > WP Members > 3.2.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-04 | CVE-2023-6733 | Missing Authorization vulnerability in Wp-Members Project Wp-Members The WP-Members Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.8 via the wpmem_field shortcode. | 6.5 |
2023-07-12 | CVE-2023-2869 | Unspecified vulnerability in Wp-Members Project Wp-Members The WP-Members Membership plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the do_field_reorder function in versions up to, and including, 3.4.7.3. | 4.3 |
2019-08-27 | CVE-2019-15660 | Cross-Site Request Forgery (CSRF) vulnerability in Wp-Members Project Wp-Members The wp-members plugin before 3.2.8 for WordPress has CSRF. | 6.8 |