← Back

Member Hero

member_hero

Vendor: Memberhero • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-0885
1Memberhero
1Member Hero
Nov 21, 2024
Jun 13, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The Member Hero WordPress plugin through 1.0.9 lacks authorization checks, and does not validate the a request parameter in an AJAX action, allowing unauthenticated users to call arbitrary PHP functions with no arguments...Show more
The Member Hero WordPress plugin through 1.0.9 lacks authorization checks, and does not validate the a request parameter in an AJAX action, allowing unauthenticated users to call arbitrary PHP functions with no arguments.Show less