VYPR

Restrict Content

by WordPress

Source repositories

CVEs (9)

  • CVE-2026-32546HigMar 25, 2026
    risk 0.49cvss 7.5epss 0.00

    Missing Authorization vulnerability in StellarWP Restrict Content restrict-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restrict Content: from n/a through <= 3.2.22.

  • CVE-2026-1321HigMar 5, 2026
    risk 0.46cvss 8.1epss 0.00

    The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.20. This is due to the `rcp_setup_registration_init()` function accepting any membership level ID via the `rcp_level` POST parameter…

  • CVE-2015-9509MedOct 23, 2019
    risk 0.40cvss 6.1epss 0.01

    The Easy Digital Downloads (EDD) Content Restriction extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.

  • CVE-2025-14000MedDec 23, 2025
    risk 0.35cvss 6.4epss 0.00

    The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'register_form' and 'restrict' shortcodes in all versions up to, and including, 3.2.15 due to insufficient input sanitization and output escaping on user…

  • CVE-2023-47668MedNov 23, 2023
    risk 0.35cvss 5.3epss 0.01

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StellarWP Membership Plugin – Restrict Content plugin <= 3.2.7 versions.

  • CVE-2024-31432MedApr 15, 2024
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in StellarWP Restrict Content.This issue affects Restrict Content: from n/a through 3.2.8.

  • CVE-2026-1304MedFeb 18, 2026
    risk 0.29cvss 4.4epss 0.00

    The Membership Plugin – Restrict Content for WordPress is vulnerable to Stored Cross-Site Scripting via multiple invoice settings fields in all versions up to, and including, 3.2.18 due to insufficient input sanitization and output escaping. This makes it possible for…

  • CVE-2024-11351MedDec 11, 2024
    risk 0.27cvss 5.3epss 0.00

    The Restrict – membership, site, content and user access restrictions for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.8 via the WordPress core search feature. This makes it possible for…

  • CVE-2025-14844Jan 16, 2026
    risk 0.00cvss epss 0.00

    The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Missing Authentication in all versions up to, and including, 3.2.16 via the 'rcp_stripe_create_setup_intent_for_saved_card' function due to missing capability check. Additionally, the plugin does…