Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup 4.0.26

  • Severity: high-risk
  • Status: Open
  • Publication: March 26, 2024

The ARMember plugin for WordPress, which is used to manage memberships, restrict content, set member levels, and handle user profiles and signups, has a security vulnerability. This means that malicious individuals with contributor-level access or higher can use untrusted information to insert malicious code into the plugin. This could potentially give them the ability to delete files, access sensitive information, or run code on the target system. There is no known way to exploit this vulnerability, but if another plugin or theme on the system also has a vulnerability, it could be used to carry out these attacks.

Detected in:

ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup open vulnerable versions: >= * <= 4.0.26

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.