📦 Wp Emember

This vulnerability in the wp-eMember WordPress plugin allows attackers to inject malicious scripts via unsanitized parameters, which are then reflected back in pages. It primarily targets high-privile...

This vulnerability in the wp-eMember WordPress plugin allows administrators to upload arbitrary files without validation, including malicious PHP files. Attackers with admin access could upload webshe...

The wp-eMember WordPress plugin before version 10.6.6 lacks Cross-Site Request Forgery (CSRF) protection on certain endpoints, allowing attackers to trick authenticated users into performing unintende...

This vulnerability in the wp-eMember WordPress plugin allows attackers to inject malicious scripts via the 'fieldId' parameter, which are then executed in victims' browsers when they visit a specially...

The wp-eMember WordPress plugin before version 10.6.7 has a stored cross-site scripting (XSS) vulnerability in member registration fields. Unauthenticated attackers can inject malicious scripts that e...

This vulnerability in the wp-eMember WordPress plugin allows attackers to inject malicious scripts via unsanitized parameters, which are then reflected back in web pages. It primarily targets high-pri...