Vulnerabilidades em WishList Member

5 resultados

CVE-2026-24575MEDIUMWordPress WishList Member X plugin <= 3.29.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-6419HIGHWishlist Member <= 3.30.1 - Missing Authorization to Authenticated (Subscriber+) API Secret Key Disclosure and Privilege Escalation via 'wlm3_get_screen' AJAX actionEPSS 0.3%CVE-2026-6895HIGHWishlist Member <= 3.30.1 - Missing Authorization to Authenticated (Subscriber+) API Secret Key Disclosure and Privilege Escalation via 'wlm3_export_settings' AJAX ActionEPSS 0.2%CVE-2026-6897HIGHWishlist Member <= 3.30.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Options Update via 'wishlistmember_team_accounts_save_settings' AJAX actionEPSS 0.2%CVE-2026-6898HIGHWishList Member <= 3.30.1 - Missing Authorization to Authenticated (Subscriber+) Generate API Secret Key via 'wlm3_generate_api_key' AJAX actionEPSS 0.2%