Wpinsider-1 Simple Membership
7 CVEs affecting Wpinsider-1 Simple Membership. Latest disclosed: 2026-02-19. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-4719 | High | 7.2 | 2023-09-06 | The Simple Membership plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `list_type` parameter in versions up to, and including, 4.3… |
CVE-2026-1461 | Medium | 6.5 | 2026-02-19 | The Simple Membership plugin for WordPress is vulnerable to Improper Handling of Missing Values in all versions up to, and including, 4.7.0 via the Stripe webh… |
CVE-2024-4383 | Medium | 6.4 | 2024-05-09 | The Simple Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'swpm_paypal_subscription_cancel_link' shortcode in al… |
CVE-2023-6882 | Medium | 6.1 | 2024-01-11 | The Simple Membership plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘environment_mode’ parameter in all versions up to, and incl… |
CVE-2024-3730 | Medium | 5.4 | 2024-04-25 | The Simple Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'swpm_paypal_subscription_cancel_link' shortcode in al… |
CVE-2024-11088 | Medium | 5.3 | 2024-11-21 | The Simple Membership plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5.5 via the WordPress core s… |
CVE-2024-1985 | Medium | 4.7 | 2024-03-13 | The Simple Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Display Name' parameter in all versions up to, and including… |