Latest

Configuring Really Simple Security with WP-CLI

Input validation vulnerability in s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions 250905

CVE-2025-62023

Severity: critical
Status: Fixed
Publication: October 1, 2025

The s2Member plugin for WordPress, which is used for managing memberships, content restriction, paywalls, and member access subscriptions, has a security vulnerability that allows attackers to remotely execute code on the server. This means that even users who are not logged in can potentially access and manipulate the website’s code.

Detected in:

s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions fixed vulnerable versions:

Open source

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

Incorrect?

Is this information incorrect? Please leave us a message.

Latest

Configuring Really Simple Security with WP-CLI

Input validation vulnerability in s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions 250905

Detected in:

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

Get Started

About

Popular articles

Latest

Passkeys: no need for Limit Login Attempts?

Configuring Really Simple Security with WP-CLI

Input validation vulnerability in s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions 250905

Detected in: