| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-1461 | Simple Membership <= 4.7.0 - Unauthenticated Improper Handling of Missing Values | wpinsider-1 | Simple Membership | Medium | 6.5 | 2026-02-19 09:26:35 | Deep Dive |
| CVE-2026-25308 | WordPress Simple Membership plugin <= 4.6.9 - Broken Access Control vulnerability | wp.insider | Simple Membership | - | - | 2026-02-19 08:26:53 | Deep Dive |
| CVE-2026-24986 | WordPress Simple Membership WP user Import plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerability | wp.insider | Simple Membership WP user Import | - | - | 2026-02-03 14:08:36 | Deep Dive |
| CVE-2025-49333 | WordPress Simple Membership plugin <= 4.6.3 - Cross Site Scripting (XSS) Vulnerability | wp.insider | Simple Membership | Medium | 5.9 | 2025-06-06 12:53:58 | Deep Dive |
| CVE-2025-24660 | WordPress Simple Membership Custom Messages Plugin <= 2.4 - Reflected Cross Site Scripting (XSS) vulnerability | wp.insider | Simple Membership Custom Messages | High | 7.1 | 2025-02-03 14:22:49 | Deep Dive |
| CVE-2024-11088 | Simple Membership <= 4.5.5 - Exposure of Private Personal Information to an Unauthorized Actor | wpinsider-1 | Simple Membership | Medium | 5.3 | 2024-11-21 13:55:33 | Deep Dive |
| CVE-2024-49682 | WordPress Simple Membership plugin <= 4.5.3 - Open Redirection vulnerability | wp.insider | Simple Membership | Medium | 4.7 | 2024-10-24 11:36:25 | Deep Dive |
| CVE-2024-47354 | WordPress Simple Membership After Login Redirection plugin <= 1.6 - Open Redirection vulnerability | wp.insider | Simple Membership After Login Redirection | Medium | 4.7 | 2024-10-10 18:09:14 | Deep Dive |
| CVE-2023-41957 | WordPress Simple Membership plugin <= 4.3.4 - Unauthenticated Membership Role Privilege Escalation vulnerability | smp7, wp.insider | Simple Membership | High | 8.6 | 2024-05-17 06:56:38 | Deep Dive |
| CVE-2023-41956 | WordPress Simple Membership plugin <= 4.3.4 - Authenticated Account Takeover vulnerability | smp7, wp.insider | Simple Membership | High | 8.8 | 2024-05-17 06:55:53 | Deep Dive |
| CVE-2024-4383 | Simple Membership <= 4.4.5 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode | wpinsider-1 | Simple Membership | Medium | 6.4 | 2024-05-09 20:03:27 | Deep Dive |
| CVE-2024-3730 | Simple Membership <= 4.4.3 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode | wpinsider-1 | Simple Membership | Medium | 5.4 | 2024-04-25 11:00:22 | Deep Dive |
| CVE-2024-1985 | Simple Membership <= 4.4.2 - Unauthenticated Stored Self-Based Cross-Site Scripting | wpinsider-1 | Simple Membership | Medium | 4.7 | 2024-03-13 15:27:04 | Deep Dive |
| CVE-2024-22308 | WordPress Simple Membership Plugin <= 4.4.1 is vulnerable to Open Redirection | smp7, wp.insider | Simple Membership | Low | 3.4 | 2024-01-24 11:59:37 | Deep Dive |
| CVE-2023-6882 | Simple Membership <= 4.3.8 - Reflected Cross-Site Scripting Vulnerability via environment_mode | wpinsider-1 | Simple Membership | Medium | 6.1 | 2024-01-11 08:32:31 | Deep Dive |
| CVE-2023-50376 | WordPress Simple Membership Plugin <= 4.3.8 is vulnerable to Unauth. Reflected Cross Site Scripting (XSS) | smp7, wp.insider | Simple Membership | High | 7.1 | 2023-12-19 08:27:46 | Deep Dive |
| CVE-2023-5260 | SourceCodester Simple Membership System group_validator.php sql injection | SourceCodester | Simple Membership System | Medium | 6.3 | 2023-09-29 12:00:07 | Deep Dive |
| CVE-2023-5027 | SourceCodester Simple Membership System club_validator.php sql injection | SourceCodester | Simple Membership System | Medium | 6.3 | 2023-09-17 16:31:05 | Deep Dive |
| CVE-2023-4846 | SourceCodester Simple Membership System delete_member.php sql injection | SourceCodester | Simple Membership System | Medium | 6.3 | 2023-09-09 07:31:04 | Deep Dive |
| CVE-2023-4845 | SourceCodester Simple Membership System account_edit_query.php sql injection | SourceCodester | Simple Membership System | Medium | 6.3 | 2023-09-09 07:00:08 | Deep Dive |