| CVE-2024-10261 | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.0 - Unauthenticated Arbitrary Shortcode Execution | cozmoslabs | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | High | 7.3 | 2024-11-09 11:19:46 | Deep Dive |
| CVE-2024-9222 | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.12.8 - Reflected Cross-Site Scripting | cozmoslabs | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | Medium | 6.1 | 2024-10-02 07:35:28 | Deep Dive |
| CVE-2024-8793 | Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More <= 2.7.2.1 - Reflected Cross-Site Scripting | jkohlbach | Store Exporter – Export WooCommerce Products, Orders, Subscriptions, Customers | Medium | 6.1 | 2024-10-01 08:30:16 | Deep Dive |
| CVE-2022-2439 | Easy Digital Downloads – Simple eCommerce for Selling Digital Files <= 3.3.3 - Authenticated (Admin+) PHAR Deserialization | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | High | 7.2 | 2024-09-24 03:06:39 | Deep Dive |
| CVE-2024-6692 | Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.3.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Agreement Text | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Low | 3.3 | 2024-08-10 02:01:23 | Deep Dive |
| CVE-2024-6691 | Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.3.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Currency Settings | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 4.4 | 2024-08-10 02:01:20 | Deep Dive |
| CVE-2024-1407 | Paid Memberships Pro <= 2.12.10 - Cross-Site Request Forgery to Membership Modification | strangerstudios | Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | Medium | 5.4 | 2024-06-19 06:55:47 | Deep Dive |
| CVE-2024-3215 | Paid Memberships Pro <= 3.0.1 - Cross-Site Request Forgery | strangerstudios | Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | Medium | 5.3 | 2024-05-02 16:52:30 | Deep Dive |
| CVE-2024-32728 | WordPress Paid Membership Subscriptions plugin <= 2.11.0 - Cross Site Request Forgery (CSRF) vulnerability | Cozmoslabs | Paid Member Subscriptions | Medium | 4.3 | 2024-04-24 14:59:23 | Deep Dive |
| CVE-2024-0899 | s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 230815 - Information Exposure | clavaque | s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions | Medium | 5.3 | 2024-04-09 18:59:03 | Deep Dive |
| CVE-2024-0588 | Paid Memberships Pro <= 2.12.10 - Cross-Site Request Forgery | strangerstudios | Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | Medium | 4.3 | 2024-04-09 18:58:55 | Deep Dive |
| CVE-2024-2302 | Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.2.9 - Sensitive Information Exposure | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 5.3 | 2024-04-09 18:58:30 | Deep Dive |
| CVE-2023-51522 | WordPress Paid Membership Subscriptions plugin <= 2.10.4 - Cross Site Request Forgery (CSRF) vulnerability | Cozmoslabs | Paid Member Subscriptions | Medium | 4.3 | 2024-03-15 14:21:50 | Deep Dive |
| CVE-2024-1389 | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.11.1 - Missing Authorization via pms_stripe_connect_handle_authorization_return | cozmoslabs | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | Medium | 5.3 | 2024-02-20 18:56:46 | Deep Dive |
| CVE-2024-1390 | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.11.1 - Missing Authorization via creating_pricing_table_page | cozmoslabs | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | Medium | 4.3 | 2024-02-20 18:56:20 | Deep Dive |
| CVE-2024-0624 | Paid Memberships Pro <= 2.12.7 - Cross-Site Request Forgery to Level Orders Update | strangerstudios | Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | Medium | 5.3 | 2024-01-25 01:55:03 | Deep Dive |
| CVE-2023-6855 | Paid Memberships Pro <= 2.12.5 - Missing Authorization via API | strangerstudios | Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | Medium | 5.3 | 2024-01-11 08:32:32 | Deep Dive |
| CVE-2023-35914 | WordPress WooCommerce Subscriptions Plugin <= 5.1.2 is vulnerable to Insecure Direct Object References (IDOR) | WooCommerce | Woo Subscriptions | High | 7.5 | 2023-12-20 15:18:16 | Deep Dive |
| CVE-2023-6187 | Paid Memberships Pro <= 2.12.3 - Authenticated (Subscriber+) Arbitrary File Upload | strangerstudios | Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | High | 7.5 | 2023-11-18 01:54:35 | Deep Dive |
| CVE-2023-46822 | WordPress WooCommerce – Store Exporter Plugin <= 2.7.2 is vulnerable to Cross Site Scripting (XSS) | Visser Labs | Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More | 中危 | - | 2023-11-06 09:30:18 | Deep Dive |