Caseproof Memberpress
5 CVEs affecting Caseproof Memberpress. Latest disclosed: 2025-04-22. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-5031 | High | 8.5 | 2024-05-22 | The Memberpress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.11.29 via the 'mepr-user-file'… |
CVE-2024-43956 | Medium | 6.5 | 2024-11-01 | Missing Authorization vulnerability in Caseproof, LLC Memberpress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Memberpres… |
CVE-2024-5025 | Medium | 6.4 | 2024-05-22 | The Memberpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘arglist’ parameter in all versions up to, and including, 1.11.29 due… |
CVE-2024-1412 | Medium | 6.1 | 2024-04-09 | The Memberpress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘message’ and 'error' parameters in all versions up to, and includ… |
CVE-2024-11299 | Medium | 5.3 | 2025-04-22 | The Memberpress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.37 via the WordPress core searc… |