Simple Membership
wp.insider
Developer
4.7.2
Latest version
40,000
Installations
No date
Last updated
Vulnerability history
0 present
22 patched
7 Mitigation rules
- Unauthenticated Improper Handling of Missing Values vulnerability<= 4.7.023/02/2026
- Broken Access Control vulnerability<= 4.6.919/01/2026
- Cross Site Scripting (XSS) Vulnerability<= 4.6.305/06/2025
- Exposure of Private Personal Information to an Unauthorized Actor vulnerability<= 4.5.521/11/2024
- Open Redirection vulnerability<= 4.5.321/10/2024
- Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability<= 4.4.505/05/2024
- Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability<= 4.4.325/04/2024
- Unauthenticated Stored Self-Based Cross-Site Scripting vulnerability<= 4.4.206/03/2024
- Open Redirection vulnerability<= 4.4.119/01/2024
- Reflected Cross Site Scripting (XSS) vulnerability<= 4.3.819/12/2023
- Authenticated Account Takeover vulnerability<= 4.3.425/09/2023
- Unauthenticated Membership Role Privilege Escalation vulnerability<= 4.3.425/09/2023
- Reflected Cross-Site Scripting vulnerability<= 4.3.506/09/2023
- Contributor+ Stored XSS vulnerability< 4.2.221/12/2022
- Unauthenticated Membership Privilege Escalation vulnerability<= 4.1.207/07/2022
- Membership Privilege Escalation vulnerability<= 4.1.207/07/2022
- Reflected Cross-Site Scripting (XSS) vulnerability<= 4.1.023/05/2022
- Arbitrary Transaction Deletion via Cross-Site Request Forgery (CSRF) vulnerability<= 4.0.925/02/2022
- Arbitrary Member Deletion via Cross-Site Request Forgery (CSRF) vulnerability<= 4.0.825/01/2022
- Authenticated SQL Injection (SQLi) vulnerability<= 4.0.305/04/2021
- Cross-Site Request Forgery (CSRF) vulnerability<= 3.8.429/07/2019
- Cross Site Scripting (XSS)<= 3.2.814/07/2016