Input validation vulnerability in ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup 4.0.4

The ARMember plugin for WordPress is a security risk if you have version 4.0.4 or lower installed. Attackers with administrator-level access can inject malicious web scripts into pages which can be executed when any user visits that page. This vulnerability only affects WordPress websites that are multi-site or have disabled unfiltered_html.