Vulnerabilidades en wpinsider-1
10 resultadosCVE-2023-0254HIGHSimple Membership WP user Import <= 1.7 - Authenticated (Admin+) SQL InjectionEPSS 0.9%CVE-2024-1985MEDIUMSimple Membership <= 4.4.2 - Unauthenticated Stored Self-Based Cross-Site ScriptingEPSS 0.9%CVE-2024-11088MEDIUMSimple Membership <= 4.5.5 - Exposure of Private Personal Information to an Unauthorized ActorEPSS 0.6%CVE-2023-4719HIGHSimple Membership <= 4.3.5 - Reflected Cross-Site ScriptingEPSS 0.5%CVE-2024-4383MEDIUMSimple Membership <= 4.4.5 - Authenticated(Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.4%CVE-2023-6882MEDIUMSimple Membership <= 4.3.8 - Reflected Cross-Site Scripting Vulnerability via environment_modeEPSS 0.4%CVE-2026-12093MEDIUMSimple Membership <= 4.7.5 - Missing Authorization to Unauthenticated Arbitrary Member Account Deactivation via Forged Stripe 'charge.refunded' WebhookEPSS 0.4%CVE-2024-3730MEDIUMSimple Membership <= 4.4.3 - Authenticated(Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.3%CVE-2024-0859MEDIUMAffiliates Manager <= 2.9.34 - Cross-Site Request ForgeryEPSS 0.3%CVE-2026-1461MEDIUMSimple Membership <= 4.7.0 - Unauthenticated Improper Handling of Missing ValuesEPSS 0.2%