Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| wp.insider | Simple Membership | unaffected |
|
No data.
No data.
OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.
| Vendors | Products |
|---|---|
|
Wordpress
Subscribe
|
Wordpress
Subscribe
|
|
Wp.insider
Subscribe
|
Simple Membership
Subscribe
|
Project Subscriptions
No advisories yet.
Solution
Update the WordPress Simple Membership Plugin to the latest available version (at least 4.7.3).
Workaround
No workaround given by the vendor.
Tue, 16 Jun 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 16 Jun 2026 06:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Wordpress
Wordpress wordpress Wp.insider Wp.insider simple Membership |
|
| Vendors & Products |
Wordpress
Wordpress wordpress Wp.insider Wp.insider simple Membership |
Mon, 15 Jun 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Unauthenticated Cross Site Scripting (XSS) in Simple Membership <= 4.7.2 versions. | |
| Title | WordPress Simple Membership plugin <= 4.7.2 - Cross Site Scripting (XSS) vulnerability | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-06-16T17:11:01.608Z
Reserved: 2026-04-29T09:04:47.838Z
Link: CVE-2026-42663
Vulnrichment
Updated: 2026-06-16T13:29:47.982Z
NVD
Status : Deferred
Published: 2026-06-15T21:16:56.053
Modified: 2026-06-15T21:24:32.790
Link: CVE-2026-42663
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-06-16T22:00:13Z