Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 263 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-10547 WP Membership <= 1.6.2 - Unauthenticated Arbitrary File Upload e-pluginsWP Membership Critical 9.8 2024-11-09 07:35:05 Deep Dive
CVE-2024-10374 WP-Members <= 3.4.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpmem_loginout Shortcode cbutlerjrWP-Members Membership Plugin Medium 6.4 2024-10-25 11:36:10 Deep Dive
CVE-2024-49682 WordPress Simple Membership plugin <= 4.5.3 - Open Redirection vulnerability wp.insiderSimple Membership Medium 4.7 2024-10-24 11:36:25 Deep Dive
CVE-2024-9231 WP-Members Membership Plugin <= 3.4.9.5 - Reflected Cross-Site Scripting cbutlerjrWP-Members Membership Plugin Medium 6.1 2024-10-22 09:32:10 Deep Dive
CVE-2024-49226 WordPress TAKETIN To WP Membership plugin <= 2.8.17 - PHP Object Injection vulnerability taketinTAKETIN To WP Membership 高危 -2024-10-16 13:19:11 Deep Dive
CVE-2020-36833 Indeed Membership Pro 7.3 - 8.6 - Missing Authorization Checks wpindeedIndeed Membership Pro Medium 6.3 2024-10-16 06:43:41 Deep Dive
CVE-2020-36832 Indeed Membership Pro 7.3 - 8.6 - Authentication Bypass wpindeedIndeed Membership Pro Critical 9.8 2024-10-16 06:43:38 Deep Dive
CVE-2022-4974 Freemius SDK <= 2.4.2 - Missing Authorization Checks dashlabsltdYASR – Yet Another Star Rating Plugin for WordPress Medium 6.3 2024-10-16 06:43:30 Deep Dive
CVE-2024-9873 Community by PeepSo <= 6.4.6.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting peepsoCommunity by PeepSo – Download from PeepSo.com Medium 5.4 2024-10-16 05:31:56 Deep Dive
CVE-2024-47354 WordPress Simple Membership After Login Redirection plugin <= 1.6 - Open Redirection vulnerability wp.insiderSimple Membership After Login Redirection Medium 4.7 2024-10-10 18:09:14 Deep Dive
CVE-2024-9067 Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.3.0 - Missing Authorization to Arbitrary (Subscriber+) Attachment Deletion youzifyYouzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress Medium 4.3 2024-10-10 02:06:13 Deep Dive
CVE-2024-8987 Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via youzify_media Shortcode youzifyYouzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress Medium 6.4 2024-10-10 02:06:05 Deep Dive
CVE-2024-9242 Memberful – Membership Plugin <= 1.73.7 - Authenticated (contributor+) Stored Cross-Site Scripting memberfulMemberful – Membership Plugin Medium 6.4 2024-10-04 05:30:18 Deep Dive
CVE-2024-8519 Ultimate Member <= 2.8.6 - Authenticated (Contributor+) Stored Cross-Site Scripting ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Medium 6.4 2024-10-04 02:32:23 Deep Dive
CVE-2024-8520 Ultimate Member <= 2.8.6 - Cross-Site Request Forgery to Membership Status Change ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Medium 5.3 2024-10-04 02:32:22 Deep Dive
CVE-2024-9222 Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.12.8 - Reflected Cross-Site Scripting cozmoslabsPaid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction Medium 6.1 2024-10-02 07:35:28 Deep Dive
CVE-2024-7426 Community by PeepSo – Social Network, Membership, Registration, User Profiles <= 6.4.6.0 - Unauthenticated Full Path Disclosure peepsoCommunity by PeepSo – Download from PeepSo.com Medium 5.3 2024-09-25 02:05:05 Deep Dive
CVE-2024-7618 Community by PeepSo – Social Network, Membership, Registration, User Profiles <= 6.4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via content Parameter peepsoCommunity by PeepSo – Download from PeepSo.com Medium 4.4 2024-09-10 07:30:04 Deep Dive
CVE-2024-7655 Community by PeepSo – Social Network, Membership, Registration, User Profiles <= 6.4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting peepsoCommunity by PeepSo – Download from PeepSo.com Medium 4.4 2024-09-10 07:30:04 Deep Dive
CVE-2024-43242 WordPress Indeed Ultimate Membership Pro plugin <= 12.7 - Unauthenticated PHP Object Injection vulnerability azzarocoUltimate Membership Pro--2024-08-19 17:09:19 Deep Dive