Wpcom Wpcom_member

3 CVEs affecting Wpcom Wpcom_member. Latest disclosed: 2025-03-14. Critical: 1, High: 2.

Top CVEs affecting Wpcom Wpcom_member
CVESeverityScorePublishedSummary
CVE-2024-7493Critical9.82024-09-06The WPCOM Member plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.5.2.1. This is due to the plugin allowing a…
CVE-2025-2221High7.52025-03-14The WPCOM Member plugin for WordPress is vulnerable to time-based SQL Injection via the ‘user_phone’ parameter in all versions up to, and including, 1.7.6 due…
CVE-2024-47378High7.12024-10-05Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lomu WPCOM Member wpcom-member allows Reflected XSS.This…