cleantalk
Vulnerabilities and Security Researches

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription, CVE-2025-62023

CVE, Research URL

CVE-2025-62023

Home page URL

Security reports for s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription

Application

s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription

Published on
Oct 22, 2025
Research Description
Improper Control of Generation of Code ('Code Injection') vulnerability in Cristián Lávaque s2Member s2member.This issue affects s2Member: from n/a through <= 250905.
Affected versions
max 250905.
Status
vulnerable
Previous vulnerability researches
SNORDIAN&#039;s H5PxAPIkatchu (CVE-2025-30821) , Apr 02, 2025
Interactive Content – H5P (CVE-2025-62951) , Nov 10, 2025
Interactive Content – H5P , Jun 06, 2024
Interactive Content – H5P (CVE-2024-3111) , Jun 28, 2024
New vulnerability
JB News Ticker (CVE-2025-11804) , Nov 11, 2025
My auctions allegro (CVE-2025-10048) , Nov 11, 2025
Sertifier Certificates &amp; Open Badges &#8211; Tutor LMS (CVE-2025-53214) , Nov 11, 2025
Toast Mobile Menu &#8211; PageSpeed Insights Friendly (CVE-2025-53238) , Nov 11, 2025
Stripe Payment forms for WordPress Plugin – WP Full Pay (CVE-2025-9322) , Nov 11, 2025