Vulnerabilities and security researches fors2member s2member

Direction: ascending

Jun 07, 2024

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription # CVE-2011-5082

CVE, Research URL: CVE-2011-5082
Home page URL: Security reports for s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription
Application: s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription
Date: Mar 20, 2012
Research Description: Cross-site scripting (XSS) vulnerability in the s2Member Pro plugin before 111220 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s2member_pro_authnet_checkout[coupon] parameter (aka Coupon Code field).
Affected versions: Min -, max -.
Status: vulnerable

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription # CVE-2024-31237

CVE, Research URL: CVE-2024-31237
Home page URL: Security reports for s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription
Application: s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription
Date: May 17, 2024
Research Description: Improper Privilege Management vulnerability in WP Sharks s2Member Pro allows Privilege Escalation.This issue affects s2Member Pro: from n/a through 240315.
Affected versions: Min -, max -.
Status: vulnerable

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription # CVE-2024-0899

CVE, Research URL: CVE-2024-0899
Home page URL: Security reports for s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription
Application: s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription
Date: Apr 10, 2024
Research Description: The s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 230815 via the API. This makes it possible for unauthenticated attackers to see the contents of those posts and pages.
Affected versions: Min -, max -.
Status: vulnerable

Dec 08, 2024

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription # CVE-2024-51815

CVE, Research URL: CVE-2024-51815
Home page URL: Security reports for s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription
Application: s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription
Date: Dec 06, 2024
Research Description: Improper Control of Generation of Code ('Code Injection') vulnerability in WP Sharks s2Member Pro allows Code Injection.This issue affects s2Member Pro: from n/a through 241114.
Affected versions: Min -, max -.
Status: vulnerable

Dec 18, 2024

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription # CVE-2024-8326

CVE, Research URL: CVE-2024-8326
Home page URL: Security reports for s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription
Application: s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription
Date: Dec 17, 2024
Research Description: The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 241114 via the 'sc_get_details' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including user data and database configuration information, which can lead to reading, updating, or dropping database tables. The vulnerability was partially patched in version 241114.
Affected versions: Min -, max -.
Status: vulnerable

Feb 20, 2025

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription # CVE-2024-11376

CVE, Research URL: CVE-2024-11376
Home page URL: Security reports for s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription
Application: s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription
Date: Feb 18, 2025
Research Description: The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 241114. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions: Min -, max -.
Status: vulnerable

Mar 05, 2025

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription # CVE-2025-26879

CVE, Research URL: CVE-2025-26879
Home page URL: Security reports for s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription
Application: s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription
Date: Mar 03, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cristián Lávaque s2Member Pro allows Reflected XSS. This issue affects s2Member Pro: from n/a through 241216.
Affected versions: Min -, max -.
Status: vulnerable

Apr 06, 2025

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription # CVE-2025-32137

CVE, Research URL: CVE-2025-32137
Home page URL: Security reports for s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription
Application: s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription
Date: Apr 04, 2025
Research Description: Relative Path Traversal vulnerability in Cristián Lávaque s2Member allows Path Traversal. This issue affects s2Member: from n/a through 250214.
Affected versions: Min -, max -.
Status: vulnerable

Vulnerabilities and security researches fors2member s2member

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls &amp; Member Access Subscription # CVE-2011-5082

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls &amp; Member Access Subscription # CVE-2024-31237

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls &amp; Member Access Subscription # CVE-2024-0899

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls &amp; Member Access Subscription # CVE-2024-51815

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls &amp; Member Access Subscription # CVE-2024-8326

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls &amp; Member Access Subscription # CVE-2024-11376

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls &amp; Member Access Subscription # CVE-2025-26879

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls &amp; Member Access Subscription # CVE-2025-32137

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription # CVE-2011-5082

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription # CVE-2024-31237

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription # CVE-2024-0899

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription # CVE-2024-51815

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription # CVE-2024-8326

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription # CVE-2024-11376

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription # CVE-2025-26879

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription # CVE-2025-32137