Armemberplugin Armember
5 CVEs affecting Armemberplugin Armember. Latest disclosed: 2023-10-20. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-42888 | Critical | 9.8 | 2022-12-06 | Unauth. Privilege Escalation vulnerability in ARMember premium plugin <= 5.5.1 on WordPress. |
CVE-2022-1903 | High | 8.1 | 2022-06-27 | The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover (even the administrator) due to missing nonce and authorization checks in an AJAX… |
CVE-2023-3011 | Medium | 6.5 | 2023-07-12 | The ARMember plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.0.5. This is due to missing or incorrect nonc… |
CVE-2022-47421 | Medium | 5.9 | 2023-07-18 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember (free), Repute InfoSystems ARMember (premium) plugins. |
CVE-2023-3996 | Medium | 4.4 | 2023-10-20 | The ARMember Lite - Membership Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 4.0.16 du… |