MidnightBSD

Advisories for wishlistmember

CVE-2024-37107

Improper Privilege Management vulnerability in Membership Software WishList Member X allows Privilege Escalation.This issue affects WishList Member X: from n/a before 3.26.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
audit@patchstack.com 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
wishlistmember wishlist_member_x *
CVE-2024-37109

Improper Control of Generation of Code ('Code Injection') vulnerability in Membership Software WishList Member X allows Code Injection.This issue affects WishList Member X: from n/a before 3.26.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
audit@patchstack.com 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 3.1 6.0

Products Affected

Vendor Product Version
wishlistmember wishlist_member *
CVE-2024-37111

Missing Authorization vulnerability in Membership Software WishList Member X.This issue affects WishList Member X: from n/a before 3.26.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
audit@patchstack.com 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
wishlistmember wishlist_member_x *