Restrict User Access – Ultimate Membership & Content Protection

Vulnerabilities 7Slug restrict-user-accessLatest version 2.8WordPress.org →

Minimum safe version

2.6

Update to 2.6 or later to address 7 fixable vulnerabilities

Latest available2.8 ✓

Medium 6.3

2024-10-16< 2.2.2

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE

High 7.1

2024-03-19< 2.6

CVE-2024-29138

CVE Wordfence Patchstack WPScan

Medium 5.3

2024-03-13< 2.6

CVE-2024-0687

CVE Wordfence Patchstack WPScan

N/A

2023-07-18< 2.4.3

WordPress Restrict User Access – Membership Plugin with Force Plugin < 2.4.3 is vulnerable to Cross Site Scripting (XSS)

Patchstack WPScan CVE

N/A

2022-03-04< 2.2.2

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Wordfence

N/A

2022-02-28< 2.2.2

WordPress Restrict User Access – Membership Plugin with Force plugin <= 2.2.1 - Sensitive Information Disclosure vulnerability

Patchstack

N/A

2022-02-28< 2.2.2

WordPress Restrict User Access – Membership Plugin with Force plugin <= 2.2.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack