CVE-2022-2317

The Simple Membership WordPress plugin before 4.1.3 allows user to change their membership at the registration stage due to insufficient checking of a user supplied parameter.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:simple-membership-plugin:simple_membership:*:*:*:*:*:wordpress:*:*

History

05 Aug 2022, 21:47

Type Values Removed Values Added
References (MISC) https://wpscan.com/vulnerability/77b7ca19-294c-4480-8f57-6fddfc67fffb - (MISC) https://wpscan.com/vulnerability/77b7ca19-294c-4480-8f57-6fddfc67fffb - Exploit, Third Party Advisory
First Time Simple-membership-plugin simple Membership
Simple-membership-plugin
CPE cpe:2.3:a:simple-membership-plugin:simple_membership:*:*:*:*:*:wordpress:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8

01 Aug 2022, 13:39

Type Values Removed Values Added
New CVE

Information

Published : 2022-08-01 13:15

Updated : 2022-08-05 21:47


NVD link : CVE-2022-2317

Mitre link : CVE-2022-2317


JSON object : View

Products Affected

simple-membership-plugin

  • simple_membership
CWE
CWE-269

Improper Privilege Management