simple membership

Simple Membership Vulnerability- Unauthenticated Stored Self-Based Cross-Site Scripting – CVE-2024-1985 |WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 5, 2024

Plugin Name: Simple Membership Key Information: Software Type: Plugin Software Slug: simple-membership Software Status: Active Software Author: mra13 Software Downloads: 2,421,375 Active Installs: 50,000 Last Updated: March 7, 2024 Patched Versions: 4.4.3 Affected Versions: <= 4.4.2 Vulnerability Details: Name: Simple Membership <= 4.4.2 Title: Unauthenticated Stored Self-Based Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N CVE: CVE-2024-1985 CVSS Score:…

Read More

Simple Membership Vulnerability – Open Redirect – CVE-2024-22308 | WordPress Plugin Vulnerability Report

By Your WP Guy / Jan 19, 2024

Plugin Name: Simple Membership Key Information: Software Type: Plugin Software Slug: simple-membership Software Status: Active Software Author: mra13 Software Downloads: 2,388,048 Active Installs: 50,000 Last Updated: January 19, 2024 Patched Versions: 4.4.2 Affected Versions: <= 4.4.1 Vulnerability Details: Name: Simple Membership <= 4.4.1 – Open Redirect Title: Open Redirect Type: URL Redirection to Untrusted Site (‘Open Redirect’) CVE: CVE-2024-22308 CVSS Score: 6.1 (Medium) Publicly Published: January 19, 2024 Researcher: Joshua Chan…

Read More

Simple Membership Vulnerability – Reflected Cross-Site Scripting Vulnerability via environment_mode – CVE-2023-6882 | WordPress Plugin Vulnerability Report

By Your WP Guy / Dec 18, 2023

Plugin Name: Simple Membership Key Information: Software Type: Plugin Software Slug: simple-membership Software Status: Active Software Author: mra13 Software Downloads: 2,315,432 Active Installs: 50,000 Last Updated: December 18, 2023 Patched Versions: 4.3.9 Affected Versions: <= 4.3.8 Vulnerability Details: Name: Simple Membership <= 4.3.8 – Reflected Cross-Site Scripting Vulnerability via environment_mode Type: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) CVE: CVE-2023-6882 CVSS Score: 6.1 (Medium) Publicly…

Read More