Common vulnerabilities and Exposures (CVE)

Skip to main content

Required CVE Record Information

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in smp7, wp.Insider Simple Membership allows Reflected XSS.This issue affects Simple Membership: from n/a through 4.3.8.

CVSS 1 Total

Learn more
ScoreSeverityVersionVector String
7.1HIGH3.1CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Product Status

Learn more

Versions 1 Total

Default Status: unaffected

affected

  • affected from n/a through 4.3.8 

    • unaffected from 4.3.9 

Credits

  • Le Ngoc Anh (Patchstack Alliance) finder

Updated:

This container includes required additional information provided by the CVE Program for this vulnerability.