XSS flaw in WordPress WP-Members Plugin can lead to script injection
Security Affairs
APRIL 2, 2024
The Unauthenticated Stored Cross-Site Scripting vulnerability was reported to Wordfence by the WordPress developer Webbernaut as part of the company Bug Bounty Extravaganza. Webbernaut received a $500 bounty. The WP-Members Membership Plugin is currently installed on over 60,000 WordPress websites.
Let's personalize your content