Simple Membership: Exploiting Incorrect Security Settings Can Grant Unauthorized Access

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

4.3

Simple Membership: Exploiting Incorrect Security Settings Can Grant Unauthorized Access

CVE-2026-25308

Summary

A security flaw in Simple Membership software can allow users to access levels of the site they shouldn't be able to. This affects versions of Simple Membership up to 4.6.9. To protect your site, update to the latest version of the software or adjust your security settings to ensure proper access controls are in place.

Original title

Missing Authorization vulnerability in wp.insider Simple Membership simple-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Membership: f...

Original description

nvd CVSS3.1 4.3

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/simple-membership/vulnerability...

Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026