Filtered by vendor Liquidweb
Subscriptions
Filtered by product Restrict Content
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-14844 | 3 Liquidweb, Stellarwp, Wordpress | 3 Restrict Content, Membership Plugin - Restrict Content, Wordpress | 2026-01-23 | 8.2 High |
| The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Missing Authentication in all versions up to, and including, 3.2.16 via the 'rcp_stripe_create_setup_intent_for_saved_card' function due to missing capability check. Additionally, the plugin does not check a user-controlled key, which makes it possible for unauthenticated attackers to leak Stripe SetupIntent client_secret values for any membership. | ||||
| CVE-2024-31432 | 1 Liquidweb | 1 Restrict Content | 2024-11-21 | 5.3 Medium |
| Missing Authorization vulnerability in StellarWP Restrict Content.This issue affects Restrict Content: from n/a through 3.2.8. | ||||
| CVE-2023-47668 | 1 Liquidweb | 1 Restrict Content | 2024-11-21 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StellarWP Membership Plugin – Restrict Content plugin <= 3.2.7 versions. | ||||
| CVE-2023-3182 | 1 Liquidweb | 1 Restrict Content | 2024-11-21 | 6.1 Medium |
| The Membership WordPress plugin before 3.2.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | ||||
Page 1 of 1.