CVE-2024-1852 — CVSS 7.2 (high): The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the X-Forwarded-For header in all…
CVE-2023-6733 — CVSS 6.5 (medium): The WP-Members Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including…
CVE-2024-1987 — CVSS 6.4 (medium): The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all…
CVE-2024-10374 — CVSS 6.4 (medium): The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpmem_loginout…
CVE-2017-2222 — CVSS 6.1 (medium): Cross-site scripting vulnerability in WP-Members prior to version 3.1.8 allows remote attackers to inject arbitrary web script or HTML via…
CVE-2024-9231 — CVSS 6.1 (medium): The WP-Members Membership Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg…
CVE-2025-14448 — CVSS 5.4 (medium): The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Multiple Checkbox and Multiple…
CVE-2023-2869 — CVSS 4.3 (medium): The WP-Members Membership plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on…