All 3 CVE vulnerabilities found in s2Member Pro, with AI-generated Chinese analysis, references, and POCs.
Vendor: WP Sharks
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-12563 | s2Member Pro <= 250214 - Authenticated (Contributor+) Local File Inclusion to Remote Code Execution via Shortcode CWE-98 | 8.8 | High | 2025-03-18 |
| CVE-2024-12562 | s2Member Pro <= 241216 - Unauthenticated PHP Object Injection CWE-502 | 9.8 | Critical | 2025-02-15 |
| CVE-2024-31237 | WordPress s2Member plugin <= 240315 - Privilege Escalation vulnerability CWE-269 | 7.5 | High | 2024-05-17 |
All 3 known CVE vulnerabilities affecting s2Member Pro with full Chinese analysis, references, and POCs where available.