CVE-2022-1903 — CVSS 8.1 (high): The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover (even the administrator) due to missing nonce and…
CVE-2023-3011 — CVSS 6.5 (medium): The ARMember plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.0.5. This is due to…
CVE-2023-3996 — CVSS 4.4 (medium): The ARMember Lite - Membership Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and…