Butlerblog Wp-members

9 CVEs affecting Butlerblog Wp-members. Latest disclosed: 2026-01-15. Critical: 0, High: 2.

Top CVEs affecting Butlerblog Wp-members
CVESeverityScorePublishedSummary
CVE-2019-15660High8.82019-08-27The wp-members plugin before 3.2.8 for WordPress has CSRF.
CVE-2024-1852High7.22024-04-09The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the X-Forwarded-For header in all versions up to, and in…
CVE-2023-6733Medium6.52024-01-04The WP-Members Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.8 via the wpmem…
CVE-2024-10374Medium6.42024-10-25The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpmem_loginout shortcode in all versions up…
CVE-2024-1987Medium6.42024-03-08The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and inc…
CVE-2024-9231Medium6.12024-10-22The WP-Members Membership Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escap…
CVE-2017-2222Medium6.12017-07-07Cross-site scripting vulnerability in WP-Members prior to version 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2025-14448Medium5.42026-01-15The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Multiple Checkbox and Multiple Select user profile f…
CVE-2023-2869Medium4.32023-07-12The WP-Members Membership plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the do_field_reorder f…