Testa din hemsida →

Armember

Det finns 8 kända sårbarheter i Armember.

8
Kända sårbarheter
2
Kritiska/höga
2024-12-06
Senaste sårbarhet
Använder du Armember?

Kör ett gratis test och se om din hemsida är påverkad.

Testa din hemsida

Kända sårbarheter

Medel 2024-12-06

CVE-2024-10681: The The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and...

Påverkade versioner: all

The The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and incl...

Medel 2024-08-17

CVE-2024-7703: The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all vers...

Påverkade versioner: all

The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions...

Medel 2024-06-22

CVE-2024-5596: The ARMember Premium plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.7. This is due to incorrectly implemented nonce validation function on mult...

Påverkade versioner: all

The ARMember Premium plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.7. This is due to incorrectly implemented nonce validation function on multipl...

Medel 2024-05-02

CVE-2024-4133: The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 4.0.30. ...

Påverkade versioner: all

The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 4.0.30. This...

Medel 2024-02-05

CVE-2024-0969: The ARMember plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.21 via the REST API. This makes it possible for unauthenticated attackers...

Påverkade versioner: <= 4.0.24

The ARMember plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.21 via the REST API. This makes it possible for unauthenticated attackers to...

Medel 2023-10-20

CVE-2023-3996: The ARMember Lite - Membership Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 4.0.14 due to insufficient input sanitization a...

Påverkade versioner: <= 4.0.14

The ARMember Lite - Membership Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 4.0.14 due to insufficient input sanitization and...

Hög 2023-07-12

CVE-2023-3011: The ARMember plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.0.5. This is due to missing or incorrect nonce validation on the arm_check_user_cap...

Påverkade versioner: < 4.0.6

The ARMember plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.0.5. This is due to missing or incorrect nonce validation on the arm_check_user_cap fu...

Hög 2022-06-27

CVE-2022-1903: The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover (even the administrator) due to missing nonce and authorization checks in an AJAX action available to unauthenticated us...

Påverkade versioner: < 3.4.8

The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover (even the administrator) due to missing nonce and authorization checks in an AJAX action available to unauthenticated users...

Vår rekommendation

Håll tillägget uppdaterat. De flesta sårbarheter åtgärdas snabbt av utvecklarna.

Ta bort tillägg du inte använder. Varje tillägg är en potentiell attackyta.

Testa din hemsida regelbundet. Automatisk bevakning fångar problem tidigt.

Andra tillägg med kända sårbarheter

Newsletter 50 sårb. Elementor 50 sårb. Royal elementor addons 49 sårb. Gutenberg 49 sårb. Classified 49 sårb. Ninja forms 48 sårb.