Members
by WordPress
Source repositories
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-11008 | Med | 0.27 | 5.3 | 0.00 | Dec 11, 2024 | The Members – Membership & User Role Editor Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.10 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive… | ||
| CVE-2006-1694 | 0.03 | — | 0.01 | Apr 11, 2006 | SQL injection vulnerability in members.php in XBrite Members 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||
| CVE-2025-21079 | 0.00 | — | 0.00 | Nov 5, 2025 | Improper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability. | |||
| CVE-2022-36877 | 0.00 | — | 0.00 | Sep 9, 2022 | Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions 4.3.00.11 in Global and 14.0.02.4 in China allows local attackers to access device identification via log. |
- risk 0.27cvss 5.3epss 0.00
The Members – Membership & User Role Editor Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.10 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive…
- CVE-2006-1694Apr 11, 2006risk 0.03cvss —epss 0.01
SQL injection vulnerability in members.php in XBrite Members 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
- CVE-2025-21079Nov 5, 2025risk 0.00cvss —epss 0.00
Improper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability.
- CVE-2022-36877Sep 9, 2022risk 0.00cvss —epss 0.00
Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions 4.3.00.11 in Global and 14.0.02.4 in China allows local attackers to access device identification via log.