CVE-2017-2222

Description

Cross-site scripting vulnerability in WP-Members prior to version 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected products

Chad Butler / WP-Membersprior to version 3.1.8 – prior to version 3.1.8

References

MISChttps://wordpress.org/plugins/wp-members/#developers
MISChttps://jvn.jp/en/jp/JVN51355647/index.html
MISChttps://plugins.trac.wordpress.org/changeset/1667369/#file12