Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6733 | 1 Wp-members Project | 1 Wp-members | 2024-01-10 | N/A | 6.5 MEDIUM |
| The WP-Members Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.8 via the wpmem_field shortcode. This makes it possible for authenticated attackers, with contributor access and above, to extract sensitive data including user emails, password hashes, usernames, and more. | |||||
| CVE-2017-2222 | 1 Wp-members Project | 1 Wp-members | 2017-07-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in WP-Members prior to version 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||