All 3 CVE vulnerabilities found in CRM Memberships, with AI-generated Chinese analysis, references, and POCs.
Vendor: NTZApps
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13312 | CRM Memberships <= 2.5 - Missing Authorization to Unauthenticated 'ntzcrm_add_new_tag' AJAX Action CWE-862 | 5.3 | Medium | 2025-12-05 |
| CVE-2025-13313 | CRM Memberships <= 2.6 - Missing Authorization to Privilege Escalation via Unauthenticated Password Reset in 'ntzcrm_changepassword' AJAX Endpoint CWE-862 | 9.8 | Critical | 2025-12-05 |
| CVE-2023-27427 | WordPress CRM Memberships Plugin <= 1.6 is vulnerable to Cross Site Scripting (XSS) CWE-79 | 5.9 | Medium | 2023-06-23 |
All 3 known CVE vulnerabilities affecting CRM Memberships with full Chinese analysis, references, and POCs where available.