ARMember Premium
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-5596 | Med | 0.41 | 6.3 | 0.00 | Jun 22, 2024 | The ARMember Premium plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.7. This is due to incorrectly implemented nonce validation function on multiple functions. This makes it possible for unauthenticated attackers to modify, or… | ||
| CVE-2023-39994 | Med | 0.28 | 4.3 | 0.00 | Jan 2, 2025 | Missing Authorization vulnerability in Repute InfoSystems ARMember Premium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember Premium: from n/a through 5.9.2. | ||
| CVE-2022-47424 | 0.00 | — | 0.00 | Nov 19, 2024 | Cross-Site Request Forgery (CSRF) vulnerability in Repute InfoSystems ARMember, Repute InfoSystems ARMember Premium allows Cross-Site Request Forgery.This issue affects ARMember: from n/a through 4.0.5; ARMember Premium: from n/a before 6.7.1. | |||
| CVE-2022-47421 | 0.00 | — | 0.00 | Jul 18, 2023 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember (free), Repute InfoSystems ARMember (premium) plugins. | |||
| CVE-2022-42888 | 0.00 | — | 0.01 | Dec 6, 2022 | Unauth. Privilege Escalation vulnerability in ARMember premium plugin <= 5.5.1 on WordPress. |
- risk 0.41cvss 6.3epss 0.00
The ARMember Premium plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.7. This is due to incorrectly implemented nonce validation function on multiple functions. This makes it possible for unauthenticated attackers to modify, or…
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Repute InfoSystems ARMember Premium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember Premium: from n/a through 5.9.2.
- CVE-2022-47424Nov 19, 2024risk 0.00cvss —epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Repute InfoSystems ARMember, Repute InfoSystems ARMember Premium allows Cross-Site Request Forgery.This issue affects ARMember: from n/a through 4.0.5; ARMember Premium: from n/a before 6.7.1.
- CVE-2022-47421Jul 18, 2023risk 0.00cvss —epss 0.00
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember (free), Repute InfoSystems ARMember (premium) plugins.
- CVE-2022-42888Dec 6, 2022risk 0.00cvss —epss 0.01
Unauth. Privilege Escalation vulnerability in ARMember premium plugin <= 5.5.1 on WordPress.