Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 263 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-12113 Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress By KaineLabs <= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Review Deletion youzifyYouzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress Medium 4.3 2025-01-25 07:24:16 Deep Dive
CVE-2025-23583 WordPress Explara Membership plugin <= 0.0.7 - Reflected Cross Site Scripting (XSS) vulnerability ExplaraExplara Membership High 7.1 2025-01-22 14:29:15 Deep Dive
CVE-2025-0308 Ultimate Member <= 2.9.1 - Unauthenticated SQL Injection ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin High 7.5 2025-01-18 05:33:50 Deep Dive
CVE-2025-0318 Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin <= 2.9.1 - Information Exposure ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Medium 5.3 2025-01-18 05:33:49 Deep Dive
CVE-2024-12919 Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.7 - Authentication Bypass via pms_payment_id cozmoslabsPaid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction Critical 9.8 2025-01-14 09:21:55 Deep Dive
CVE-2024-11291 Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.4 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure cozmoslabsPaid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction Medium 5.3 2024-12-18 11:09:32 Deep Dive
CVE-2024-12287 Biagiotti Membership <= 1.0.2 - Authentication Bypass via biagiotti_membership_check_facebook_user Mikado-ThemesBiagiotti Membership Critical 9.8 2024-12-18 07:02:45 Deep Dive
CVE-2024-11294 Memberful <= 1.73.9 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure memberfulMemberful – Membership Plugin Medium 5.3 2024-12-17 08:22:46 Deep Dive
CVE-2024-10518 ProfilePress < 4.15.15 - Admin+ Stored XSS UnknownPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content 中危 -2024-12-12 06:00:18 Deep Dive
CVE-2024-10517 ProfilePress < 4.15.15 - Admin+ Stored XSS UnknownPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content 中危 -2024-12-12 06:00:17 Deep Dive
CVE-2024-11351 Restrict – membership, site, content and user access restrictions for WordPress <= 2.2.8 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure tickeraRestrict – membership, site, content and user access restrictions for WordPress Medium 5.3 2024-12-11 12:24:19 Deep Dive
CVE-2024-11008 Members <= 3.2.10 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure supercleanseMembers – Membership & User Role Editor Plugin Medium 5.3 2024-12-11 10:57:29 Deep Dive
CVE-2023-41953 WordPress ProfilePress plugin <= 4.13.1 - Broken Access Control vulnerability ProfilePress Membership TeamProfilePress Medium 5.3 2024-12-09 13:16:50 Deep Dive
CVE-2024-10681 ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup <= 4.0.51 - Authenticated (Subscriber+) Arbitrary Shortcode Execution reputeinfosystemsARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup Medium 6.3 2024-12-06 09:23:00 Deep Dive
CVE-2024-11083 ProfilePress <= 4.15.18 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 5.3 2024-11-27 05:31:54 Deep Dive
CVE-2024-10537 WP User Manager – User Profile Builder & Membership <= 2.9.11 - Missing Authorization to Authenticated (Subscriber+) User Meta Key Enumeration wpusermanagerWP User Manager – User Profile Builder & Membership Medium 4.3 2024-11-23 03:25:51 Deep Dive
CVE-2024-10216 WP User Manager – User Profile Builder & Membership <= 2.9.11 - Missing Authorization to Carbon Fields Custom Sidebar Addition/Removal wpusermanagerWP User Manager – User Profile Builder & Membership Medium 4.3 2024-11-23 03:25:48 Deep Dive
CVE-2024-11088 Simple Membership <= 4.5.5 - Exposure of Private Personal Information to an Unauthorized Actor wpinsider-1Simple Membership Medium 5.3 2024-11-21 13:55:33 Deep Dive
CVE-2024-10528 Ultimate Member <= 2.8.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Profile Picture Update ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Medium 4.3 2024-11-21 05:33:49 Deep Dive
CVE-2024-10261 Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.0 - Unauthenticated Arbitrary Shortcode Execution cozmoslabsPaid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction High 7.3 2024-11-09 11:19:46 Deep Dive