Wclovers Wcfm_membership
4 CVEs affecting Wclovers Wcfm_membership. Latest disclosed: 2023-05-20. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-2276 | Critical | 9.8 | 2023-05-20 | The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object References in versions u… |
CVE-2022-4939 | Critical | 9.8 | 2023-04-05 | THe WCFM Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including 2.10.0, due to a missing capability check on th… |
CVE-2022-4940 | High | 7.3 | 2023-04-05 | The WCFM Membership plugin for WordPress is vulnerable to unauthorized modification and access of data in versions up to, and including, 2.10.0 due to missing… |
CVE-2022-4941 | Medium | 6.3 | 2023-04-05 | The WCFM Membership plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.9.10 due to missing nonce checks on va… |