Lucene search
WPScanCVELIST:CVE-2022-2273HistoryAug 01, 2022 - 12:51 p.m.
CVE-2022-2273 Simple Membership < 4.1.3 - Membership Privilege Escalation
2022-08-0112:51:22
CWE-269
WPScan
www.cve.org
1
simple membership
wordpress
privilege escalation
cve-2022-2273
validation
profile editing
The Simple Membership WordPress plugin before 4.1.3 does not properly validate the membership_level parameter when editing a profile, allowing members to escalate to a higher membership level by using a crafted POST request.
CNA Affected
[
{
"product": "Simple Membership",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.1.3",
"status": "affected",
"version": "4.1.3",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site request forgery (csrf)
2022-08-01 13:15:00
wpvulndb
wpvulndb
Simple Membership < 4.1.3 - Membership Privilege Escalation
2022-07-06 00:00:00
patchstack
patchstack
nvd
nvd
CVE-2022-2273
2022-08-01 13:15:10
cve
cve
CVE-2022-2273
2022-08-01 13:15:10
wpexploit
wpexploit
Simple Membership < 4.1.3 - Membership Privilege Escalation
2022-07-06 00:00:00
nessus
nessus
Simple Membership Plugin For WordPress < 4.1.3 Multiple Vulnerabilities
2023-10-05 00:00:00