Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

cbutlerjr — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting cbutlerjr. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by cbutlerjr:WP-Members Membership Plugin
CVE IDTitleCVSSSeverityPublished
CVE-2026-2363 WP-Members Membership Plugin <= 3.5.5.1 - Authenticated (Contributor+) SQL Injection via 'order_by' Shortcode Attribute — WP-Members Membership PluginCWE-89 6.5 Medium2026-03-04
CVE-2025-14448 WP-Members Membership Plugin <= 3.5.4.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Multiple Checkbox and Multiple Select User Profile Fields — WP-Members Membership PluginCWE-79 5.4 Medium2026-01-15
CVE-2025-12648 WP-Members Membership Plugin <= 3.5.4.4 - Unauthenticated Information Exposure via Unprotected Files — WP-Members Membership PluginCWE-552 5.3 Medium2026-01-07
CVE-2025-9489 WP-Members Membership Plugin <= 3.5.4.2 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Profile Names — WP-Members Membership PluginCWE-94 5.0 Medium2025-09-09
CVE-2025-7495 WP-Members <= 3.5.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — WP-Members Membership PluginCWE-79 6.4 Medium2025-07-22
CVE-2025-4610 WP-Members <= 3.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpmem_user_memberships Shortcode — WP-Members Membership PluginCWE-79 6.4 Medium2025-05-17
CVE-2024-10374 WP-Members <= 3.4.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpmem_loginout Shortcode — WP-Members Membership PluginCWE-79 6.4 Medium2024-10-25
CVE-2024-9231 WP-Members Membership Plugin <= 3.4.9.5 - Reflected Cross-Site Scripting — WP-Members Membership PluginCWE-79 6.1 Medium2024-10-22
CVE-2024-2920 WP-Members Membership Plugin <= 3.4.9.3 - Unprotected Storage of Potentially Sensitive Files — WP-Members Membership PluginCWE-200 5.3 Medium2024-04-26
CVE-2024-1852 WP-Members Membership Plugin <= 3.4.9.2 - Unauthenticated Stored Cross-Site Scripting — WP-Members Membership PluginCWE-79 7.2 High2024-04-09
CVE-2024-1987 WP-Members Membership Plugin <= 3.4.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — WP-Members Membership PluginCWE-79 6.4 Medium2024-03-08
CVE-2023-6733 WP-Members Membership Plugin <= 3.4.8 - Missing Authorization to Sensitive Information Exposure — WP-Members Membership PluginCWE-284 6.5 Medium2024-01-04
CVE-2023-2869 WP-Members Membership <= 3.4.7.3 - Missing Authorization to Settings Update — WP-Members Membership PluginCWE-862 4.3 Medium2023-07-12

This page lists every published CVE security advisory associated with cbutlerjr. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.