Wpswings

Membership For Woocommerce

5 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2025-67909

  • EPSS 0.04%
  • Veröffentlicht 24.12.2025 13:10:24
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Authorization Bypass Through User-Controlled Key vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Membership For WooCommerce: f...

7.5

CVE-2025-54692

  • EPSS 0.03%
  • Veröffentlicht 14.08.2025 10:34:51
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Missing Authorization vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Membership For WooCommerce: from n/a through <= 2.9.0.

7.5

CVE-2025-49265

  • EPSS 0.12%
  • Veröffentlicht 09.06.2025 15:53:53
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Missing Authorization vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Membership For WooCommerce: from n/a through <= 2.8.1.

6.5

CVE-2025-39579

  • EPSS 0.14%
  • Veröffentlicht 16.04.2025 12:44:25
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Swings Membership For WooCommerce membership-for-woocommerce allows DOM-Based XSS.This issue affects Membership For WooCommerce: from n/a through...

9.8

CVE-2022-4395

Exploit
  • EPSS 76.28%
  • Veröffentlicht 30.01.2023 21:15:10
  • Zuletzt bearbeitet 27.03.2025 20:15:17

The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as malicious PHP code, and achieve RCE.