Wclovers Wcfm_membership

4 CVEs affecting Wclovers Wcfm_membership. Latest disclosed: 2023-05-20. Critical: 2, High: 1.

Top CVEs affecting Wclovers Wcfm_membership
CVESeverityScorePublishedSummary
CVE-2023-2276Critical9.82023-05-20The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object References in versions u…
CVE-2022-4939Critical9.82023-04-05THe WCFM Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including 2.10.0, due to a missing capability check on th…
CVE-2022-4940High7.32023-04-05The WCFM Membership plugin for WordPress is vulnerable to unauthorized modification and access of data in versions up to, and including, 2.10.0 due to missing…
CVE-2022-4941Medium6.32023-04-05The WCFM Membership plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.9.10 due to missing nonce checks on va…