Whyun Wpcom Member

5 CVEs affecting Whyun Wpcom Member. Latest disclosed: 2025-12-16. Critical: 2, High: 3.

Top CVEs affecting Whyun Wpcom Member
CVESeverityScorePublishedSummary
CVE-2025-1475Critical9.82025-03-07The WPCOM Member plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.5. This is due to insufficient verificat…
CVE-2024-7493Critical9.82024-09-06The WPCOM Member plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.5.2.1. This is due to the plugin allowing a…
CVE-2025-11920High8.82025-11-01The WPCOM Member plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.7.14 via the action parameter in one of its…
CVE-2025-14002High8.12025-12-16The WPCOM Member plugin for WordPress is vulnerable to authentication bypass via brute force in all versions up to, and including, 1.7.16. This is due to weak…
CVE-2025-2221High7.52025-03-14The WPCOM Member plugin for WordPress is vulnerable to time-based SQL Injection via the ‘user_phone’ parameter in all versions up to, and including, 1.7.6 due…