MidnightBSD

Advisories for s2member

CVE-2011-5082 MEDIUM

Cross-site scripting (XSS) vulnerability in the s2Member Pro plugin before 111220 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s2member_pro_authnet_checkout[coupon] parameter (aka Coupon Code field).

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor     Product    Version
s2member   s2member   110604
s2member   s2member   110605
s2member   s2member   110606
s2member   s2member   110617
s2member   s2member   110620
s2member   s2member   110708
s2member   s2member   110709
s2member   s2member   110710
s2member   s2member   110731
s2member   s2member   110812
s2member   s2member   110815
s2member   s2member   110912
s2member   s2member   110913
s2member   s2member   110915
s2member   s2member   110926
s2member   s2member   110927
s2member   s2member   111002
s2member   s2member   111003
s2member   s2member   111011
s2member   s2member   111017
s2member   s2member   111029
s2member   s2member   111105
s2member   s2member   111206
s2member   s2member   *

CVE-2024-12562

The s2Member Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 241216 via deserialization of untrusted input from the 's2member_pro_remote_op' vulnerable parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

CVSS 3.x

Source                  Score  Severity  Vector                                        Exploitability  Impact
security@wordfence.com  9.8    CRITICAL  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H  3.9             5.9

Products Affected

Vendor     Product    Version
s2member   s2member   *