Wclovers Wcfm Membership — known CVE vulnerabilities
Every CVE whose affected-product data names Wclovers Wcfm Membership, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-4939 — CVSS 9.8 (critical): THe WCFM Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including 2.10.0, due to a missing…
CVE-2023-2276 — CVSS 9.8 (critical): The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object…
CVE-2022-4940 — CVSS 7.3 (high): The WCFM Membership plugin for WordPress is vulnerable to unauthorized modification and access of data in versions up to, and including…
CVE-2022-4941 — CVSS 6.3 (medium): The WCFM Membership plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.9.10 due to…