VYPR

ARMember Premium

by Reputeinfosystems

CVEs (5)

  • CVE-2024-5596MedJun 22, 2024
    risk 0.41cvss 6.3epss 0.00

    The ARMember Premium plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.7. This is due to incorrectly implemented nonce validation function on multiple functions. This makes it possible for unauthenticated attackers to modify, or…

  • CVE-2023-39994MedJan 2, 2025
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in Repute InfoSystems ARMember Premium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember Premium: from n/a through 5.9.2.

  • CVE-2022-47424Nov 19, 2024
    risk 0.00cvss epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Repute InfoSystems ARMember, Repute InfoSystems ARMember Premium allows Cross-Site Request Forgery.This issue affects ARMember: from n/a through 4.0.5; ARMember Premium: from n/a before 6.7.1.

  • CVE-2022-47421Jul 18, 2023
    risk 0.00cvss epss 0.00

    Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember (free), Repute InfoSystems ARMember (premium) plugins.

  • CVE-2022-42888Dec 6, 2022
    risk 0.00cvss epss 0.01

    Unauth. Privilege Escalation vulnerability in ARMember premium plugin <= 5.5.1 on WordPress.