WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Simple Membership

2023-09-05
Simple Membership < 4.3.6 - Reflected XSS
Fixed in version 4.3.6
2022-12-21
Simple Membership < 4.2.2 - Contributor+ Stored XSS
Fixed in version 4.2.2
2022-07-06
Simple Membership < 4.1.3 - Unauthenticated Membership Privilege Escalation
Fixed in version 4.1.3
2022-07-06
Simple Membership < 4.1.3 - Membership Privilege Escalation
Fixed in version 4.1.3
2022-05-23
Simple Membership < 4.1.1 - Reflected Cross-Site Scripting
Fixed in version 4.1.1
2022-02-25
Simple Membership < 4.1.0 - Arbitrary Transaction Deletion via CSRF
Fixed in version 4.1.0
2022-01-25
Simple Membership < 4.0.9 - Arbitrary Member Deletion via CSRF
Fixed in version 4.0.9
2021-04-05
Simple Membership < 4.0.4 - Authenticated SQL Injections
Fixed in version 4.0.4
2019-07-27
Simple Membership <= 3.8.4 - Cross-Site Request Forgery (CSRF)
Fixed in version 3.8.5
2017-11-08
Simple Membership < 3.5.7 - XSS
Fixed in version 3.5.7
2016-09-16
Simple Membership < 3.3.3 - Multiple CSRF
Fixed in version 3.3.3
2016-07-14
Simple Membership <= 3.2.8 - Cross-Site Scripting (XSS)
Fixed in version 3.2.9