| CVE-2025-8102 | Easy Digital Downloads <= 3.5.0 - Cross-Site Request Forgery to Plugin Deactivation via edd_sendwp_disconnect and edd_sendwp_remote_install Functions | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 5.4 | 2025-08-20 11:26:10 | Deep Dive |
| CVE-2025-54017 | WordPress Paid Member Subscriptions <= 2.15.4 - Local File Inclusion Vulnerability | Cozmoslabs | Paid Member Subscriptions | High | 7.5 | 2025-08-20 08:03:03 | Deep Dive |
| CVE-2025-49870 | WordPress Paid Member Subscriptions plugin <= 2.15.1 - SQL Injection Vulnerability | Cozmoslabs | Paid Member Subscriptions | High | 7.5 | 2025-07-04 11:17:58 | Deep Dive |
| CVE-2025-5937 | MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet <= 3.2.0 - Cross-Site Request Forgery to Settings Reset | videowhisper | MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet | Medium | 4.3 | 2025-06-28 07:25:06 | Deep Dive |
| CVE-2025-4670 | Easy Digital Downloads <= 3.3.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via edd_receipt Shortcode | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 6.4 | 2025-05-29 08:22:03 | Deep Dive |
| CVE-2025-31088 | WordPress Paid Member Subscriptions plugin <= 2.14.3 - Cross Site Scripting (XSS) Vulnerability | Cozmoslabs | Paid Member Subscriptions | Medium | 6.5 | 2025-03-28 09:39:55 | Deep Dive |
| CVE-2025-30900 | WordPress Zoho Billing – Embed Payment Form plugin <= 4.0 - Stored Cross Site Scripting (XSS) vulnerability | Zoho Subscriptions | Zoho Billing – Embed Payment Form | Medium | 6.5 | 2025-03-27 10:55:50 | Deep Dive |
| CVE-2025-2252 | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy <= 3.3.6.1 - Unauthenticated Private Post Title Disclosure | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 5.3 | 2025-03-25 07:04:55 | Deep Dive |
| CVE-2025-30523 | WordPress Super Simple Subscriptions plugin <= 1.1.0 - SQL Injection vulnerability | Marcel-NL | Super Simple Subscriptions | High | 7.6 | 2025-03-24 13:46:38 | Deep Dive |
| CVE-2024-13560 | Subscriptions & Memberships for PayPal <= 1.1.6 - Cross-Site Request Forgery to Arbitrary Post Deletion | scottpaterson | Subscriptions & Memberships for PayPal | Medium | 4.3 | 2025-02-26 08:21:56 | Deep Dive |
| CVE-2024-11376 | s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 241216 - Reflected Cross-Site Scripting | clavaque | s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions | Medium | 6.1 | 2025-02-18 07:28:12 | Deep Dive |
| CVE-2024-13517 | Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.3.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Title | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 4.4 | 2025-01-18 07:05:09 | Deep Dive |
| CVE-2024-13391 | MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Tokens Wallet <= 2.9.29 - Authenticated (Contributor+) Stored Cross-Site Scripting | videowhisper | MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet | Medium | 6.4 | 2025-01-18 07:05:06 | Deep Dive |
| CVE-2024-12919 | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.7 - Authentication Bypass via pms_payment_id | cozmoslabs | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | Critical | 9.8 | 2025-01-14 09:21:55 | Deep Dive |
| CVE-2023-50850 | WordPress Woo Subscriptions plugin < 5.8.0 - Broken Access Control vulnerability | Woo | WooCommerce Subscriptions | Medium | 4.3 | 2024-12-31 12:46:11 | Deep Dive |
| CVE-2024-12875 | Easy Digital Downloads <= 3.3.2 - Authenticated (Admin+) Arbitrary File Download | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 4.9 | 2024-12-21 11:22:45 | Deep Dive |
| CVE-2024-11291 | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.4 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure | cozmoslabs | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | Medium | 5.3 | 2024-12-18 11:09:32 | Deep Dive |
| CVE-2024-9654 | Easy Digital Downloads 3.1 - 3.3.4 - Improper Authorization to Paywall Bypass | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Low | 3.7 | 2024-12-17 11:10:19 | Deep Dive |
| CVE-2024-8326 | s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 241114 - Authenticated (Contributor+) Sensitive Information Exposure | clavaque | s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions | High | 8.8 | 2024-12-17 09:22:41 | Deep Dive |
| CVE-2024-11683 | Newsletter Subscriptions <= 2.1 - Reflected Cross-Site Scripting | hanif-khan | Newsletter Subscriptions | Medium | 6.1 | 2024-12-12 03:23:12 | Deep Dive |