Vulnerability List

CVE ID	Title	Vendor	Product	Severity	CVSS Score	Published At	AI Analysis
CVE-2024-1819	CodeAstro Membership Management System Add Members Tab unrestricted upload	CodeAstro	Membership Management System	Medium	4.7	2024-02-23 14:31:07	Deep Dive
CVE-2024-1818	CodeAstro Membership Management System Logo unrestricted upload	CodeAstro	Membership Management System	Medium	4.7	2024-02-23 14:31:05	Deep Dive
CVE-2024-1389	Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.11.1 - Missing Authorization via pms_stripe_connect_handle_authorization_return	cozmoslabs	Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction	Medium	5.3	2024-02-20 18:56:46	Deep Dive
CVE-2024-1408	ProfilePress <= 4.14.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via [edit-profile-text-box] shortcode	properfraction	Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress	Medium	6.4	2024-02-20 18:56:34	Deep Dive
CVE-2024-1519	Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.14.4 - Unauthenticated Stored Cross-Site Scripting	properfraction	Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress	Medium	6.5	2024-02-20 18:56:31	Deep Dive
CVE-2024-1570	ProfilePress <= 4.14.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode	properfraction	Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress	Medium	6.4	2024-02-20 18:56:30	Deep Dive
CVE-2024-1390	Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.11.1 - Missing Authorization via creating_pricing_table_page	cozmoslabs	Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction	Medium	4.3	2024-02-20 18:56:20	Deep Dive
CVE-2024-0969	ARMember <= 4.0.24 - Improper Access Control to Sensitive Information Exposure via REST API	reputeinfosystems	ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup	Medium	5.3	2024-02-05 21:22:05	Deep Dive
CVE-2024-1046	Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.14.3 - Authenticated (Contributor+) Stored Cross-Site Scripting	properfraction	Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress	Medium	6.4	2024-02-05 21:21:51	Deep Dive
CVE-2024-24755	discourse-group-membership-ip-block is exposing potentially sensitive custom fields	discourse	discourse-group-membership-ip-block	Medium	4.3	2024-02-01 22:14:23	Deep Dive
CVE-2024-22158	WordPress PeepSo Core: Photos Plugin < 6.3.1.0 is vulnerable to Cross Site Scripting (XSS)	PeepSo	Community by PeepSo – Social Network, Membership, Registration, User Profiles	Medium	6.5	2024-01-31 18:15:01	Deep Dive
CVE-2024-22308	WordPress Simple Membership Plugin <= 4.4.1 is vulnerable to Open Redirection	smp7, wp.insider	Simple Membership	Low	3.4	2024-01-24 11:59:37	Deep Dive
CVE-2022-45083	WordPress ProfilePress Plugin <= 4.3.2 is vulnerable to PHP Object Injection	ProfilePress Membership Team	Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress	Medium	6.6	2024-01-19 14:37:19	Deep Dive
CVE-2022-40700	Server Side Request Forgery (SSRF) vulnerability affecting multiple WordPress plugins	Montonio	Montonio for WooCommerce	High	8.2	2024-01-19 14:30:11	Deep Dive
CVE-2023-6882	Simple Membership <= 4.3.8 - Reflected Cross-Site Scripting Vulnerability via environment_mode	wpinsider-1	Simple Membership	Medium	6.1	2024-01-11 08:32:31	Deep Dive
CVE-2023-52200	WordPress ARMember Plugin <= 4.0.22 is vulnerable to Cross Site Request Forgery (CSRF) leading to PHP Object Injection	Repute Infosystems	ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup	Critical	9.6	2024-01-08 19:18:44	Deep Dive
CVE-2023-6733	WP-Members Membership Plugin <= 3.4.8 - Missing Authorization to Sensitive Information Exposure	cbutlerjr	WP-Members Membership Plugin	Medium	6.5	2024-01-04 03:30:13	Deep Dive
CVE-2023-7132	code-projects Intern Membership Management System User Registration cross site scripting	code-projects	Intern Membership Management System	Low	3.5	2023-12-28 17:00:06	Deep Dive
CVE-2023-7131	code-projects Intern Membership Management System User Registration sql injection	code-projects	Intern Membership Management System	Medium	6.3	2023-12-28 16:31:04	Deep Dive
CVE-2023-47191	WordPress Youzify Plugin <= 1.2.2 is vulnerable to Insecure Direct Object References (IDOR)	KaineLabs	Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress	Medium	6.5	2023-12-21 18:26:53	Deep Dive

Goal Reached Thanks to every supporter — we hit 100%!

Vulnerability List