Armemberplugin Armember

5 CVEs affecting Armemberplugin Armember. Latest disclosed: 2023-10-20. Critical: 1, High: 1.

Top CVEs affecting Armemberplugin Armember
CVESeverityScorePublishedSummary
CVE-2022-42888Critical9.82022-12-06Unauth. Privilege Escalation vulnerability in ARMember premium plugin <= 5.5.1 on WordPress.
CVE-2022-1903High8.12022-06-27The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover (even the administrator) due to missing nonce and authorization checks in an AJAX…
CVE-2023-3011Medium6.52023-07-12The ARMember plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.0.5. This is due to missing or incorrect nonc…
CVE-2022-47421Medium5.92023-07-18Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember (free), Repute InfoSystems ARMember (premium) plugins.
CVE-2023-3996Medium4.42023-10-20The ARMember Lite - Membership Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 4.0.16 du…