Wp.insider Simple Membership
5 CVEs affecting Wp.insider Simple Membership. Latest disclosed: 2026-06-15. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-34886 | High | 7.5 | 2026-06-15 | Unauthenticated Broken Access Control in Simple Membership <= 4.7.1 versions. |
CVE-2026-42663 | Medium | 6.5 | 2026-06-15 | Unauthenticated Cross Site Scripting (XSS) in Simple Membership <= 4.7.2 versions. |
CVE-2025-49333 | Medium | 5.9 | 2025-06-06 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wp.insider Simple Membership simple-membership allows Sto… |
CVE-2024-49682 | Medium | 4.7 | 2024-10-24 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in wp.insider Simple Membership simple-membership allows Phishing.This issue affects Simple M… |
CVE-2026-25308 | Medium | 4.3 | 2026-02-19 | Missing Authorization vulnerability in wp.insider Simple Membership simple-membership allows Exploiting Incorrectly Configured Access Control Security Levels.T… |