Whyun Wpcom Member
5 CVEs affecting Whyun Wpcom Member. Latest disclosed: 2025-12-16. Critical: 2, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-1475 | Critical | 9.8 | 2025-03-07 | The WPCOM Member plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.5. This is due to insufficient verificat… |
CVE-2024-7493 | Critical | 9.8 | 2024-09-06 | The WPCOM Member plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.5.2.1. This is due to the plugin allowing a… |
CVE-2025-11920 | High | 8.8 | 2025-11-01 | The WPCOM Member plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.7.14 via the action parameter in one of its… |
CVE-2025-14002 | High | 8.1 | 2025-12-16 | The WPCOM Member plugin for WordPress is vulnerable to authentication bypass via brute force in all versions up to, and including, 1.7.16. This is due to weak… |
CVE-2025-2221 | High | 7.5 | 2025-03-14 | The WPCOM Member plugin for WordPress is vulnerable to time-based SQL Injection via the ‘user_phone’ parameter in all versions up to, and including, 1.7.6 due… |