Simple Membership
wp.insider
Developer
4.6.8
Latest version
40,000
Installations
Sep 29, 2025
Last updated
Vulnerability history
0 present
20 fixed
7 Mitigation rules
- Cross Site Scripting (XSS) Vulnerability<= 4.6.3Jun 5, 2025
- Exposure of Private Personal Information to an Unauthorized Actor vulnerability<= 4.5.5Nov 21, 2024
- Open Redirection vulnerability<= 4.5.3Oct 21, 2024
- Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability<= 4.4.5May 5, 2024
- Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability<= 4.4.3Apr 25, 2024
- Unauthenticated Stored Self-Based Cross-Site Scripting vulnerability<= 4.4.2Mar 6, 2024
- Open Redirection vulnerability<= 4.4.1Jan 19, 2024
- Reflected Cross Site Scripting (XSS) vulnerability<= 4.3.8Dec 19, 2023
- Authenticated Account Takeover vulnerability<= 4.3.4Sep 25, 2023
- Unauthenticated Membership Role Privilege Escalation vulnerability<= 4.3.4Sep 25, 2023
- Reflected Cross-Site Scripting vulnerability<= 4.3.5Sep 6, 2023
- Contributor+ Stored XSS vulnerability< 4.2.2Dec 21, 2022
- Unauthenticated Membership Privilege Escalation vulnerability<= 4.1.2Jul 7, 2022
- Membership Privilege Escalation vulnerability<= 4.1.2Jul 7, 2022
- Reflected Cross-Site Scripting (XSS) vulnerability<= 4.1.0May 23, 2022
- Arbitrary Transaction Deletion via Cross-Site Request Forgery (CSRF) vulnerability<= 4.0.9Feb 25, 2022
- Arbitrary Member Deletion via Cross-Site Request Forgery (CSRF) vulnerability<= 4.0.8Jan 25, 2022
- Authenticated SQL Injection (SQLi) vulnerability<= 4.0.3Apr 5, 2021
- Cross-Site Request Forgery (CSRF) vulnerability<= 3.8.4Jul 29, 2019
- Cross Site Scripting (XSS)<= 3.2.8Jul 14, 2016