Every CVE whose affected-product data names S2member, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2024-12562 — CVSS 9.8 (critical): The s2Member Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 241216 via…
CVE-2011-5082 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the s2Member Pro plugin before 111220 for WordPress allows remote attackers to inject arbitrary…