cleantalk
Vulnerabilities and Security Researches

Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction, CVE-2025-31088

CVE, Research URL

CVE-2025-31088

Home page URL

Security reports for Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction

Application

Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction

Published on
Mar 28, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cozmoslabs Paid Member Subscriptions allows Stored XSS. This issue affects Paid Member Subscriptions: from n/a through 2.14.3.
Affected versions
Min -, max 2.14.4.
Status
vulnerable
Previous vulnerability researches
Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction (CVE-2024-11291) , Dec 19, 2024
Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction (CVE-2024-12919) , Jan 15, 2025
Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction (CVE-2025-31088) , Apr 02, 2025
Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction (CVE-2021-24728) , Jun 07, 2024
Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction (CVE-2024-32728) , Jun 07, 2024
New vulnerability
WP Statistics , May 27, 2025
Hostinger , May 27, 2025
BackWPup – WordPress Backup Plugin , May 27, 2025
Quick Contact Form (CVE-2025-48245) , May 27, 2025
Affiliate Sales in Google Analytics and other tools (CVE-2024-12561) , May 27, 2025