Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

cbutlerjr — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting cbutlerjr. AI-powered Chinese analysis, POCs, and references for each vulnerability.

cbutlerjr is a security researcher focused on identifying vulnerabilities in web applications and enterprise software. Their work primarily centers on uncovering flaws that could lead to remote code execution, cross-site scripting, and privilege escalation. With 13 CVEs to their name, cbutlerjr has demonstrated a consistent ability to find critical issues across multiple platforms. While no major public incidents are directly attributed to their findings, their contributions have helped address significant security gaps in various systems. The researcher's portfolio reflects a methodical approach to vulnerability discovery, often targeting authentication mechanisms and input validation processes to expose potential weaknesses in widely deployed software solutions.

Top products by cbutlerjr: WP-Members Membership Plugin
CVE IDTitleCVSSSeverityPublished
CVE-2026-2363 WP-Members Membership Plugin <= 3.5.5.1 - Authenticated (Contributor+) SQL Injection via 'order_by' Shortcode Attribute — WP-Members Membership PluginCWE-89 6.5 Medium2026-03-04
CVE-2025-14448 WP-Members Membership Plugin <= 3.5.4.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Multiple Checkbox and Multiple Select User Profile Fields — WP-Members Membership PluginCWE-79 5.4 Medium2026-01-15
CVE-2025-12648 WP-Members Membership Plugin <= 3.5.4.4 - Unauthenticated Information Exposure via Unprotected Files — WP-Members Membership PluginCWE-552 5.3 Medium2026-01-07
CVE-2025-9489 WP-Members Membership Plugin <= 3.5.4.2 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Profile Names — WP-Members Membership PluginCWE-94 5.0 Medium2025-09-09
CVE-2025-7495 WP-Members <= 3.5.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — WP-Members Membership PluginCWE-79 6.4 Medium2025-07-22
CVE-2025-4610 WP-Members <= 3.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpmem_user_memberships Shortcode — WP-Members Membership PluginCWE-79 6.4 Medium2025-05-17
CVE-2024-10374 WP-Members <= 3.4.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpmem_loginout Shortcode — WP-Members Membership PluginCWE-79 6.4 Medium2024-10-25
CVE-2024-9231 WP-Members Membership Plugin <= 3.4.9.5 - Reflected Cross-Site Scripting — WP-Members Membership PluginCWE-79 6.1 Medium2024-10-22
CVE-2024-2920 WP-Members Membership Plugin <= 3.4.9.3 - Unprotected Storage of Potentially Sensitive Files — WP-Members Membership PluginCWE-200 5.3 Medium2024-04-26
CVE-2024-1852 WP-Members Membership Plugin <= 3.4.9.2 - Unauthenticated Stored Cross-Site Scripting — WP-Members Membership PluginCWE-79 7.2 High2024-04-09
CVE-2024-1987 WP-Members Membership Plugin <= 3.4.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — WP-Members Membership PluginCWE-79 6.4 Medium2024-03-08
CVE-2023-6733 WP-Members Membership Plugin <= 3.4.8 - Missing Authorization to Sensitive Information Exposure — WP-Members Membership PluginCWE-284 6.5 Medium2024-01-04
CVE-2023-2869 WP-Members Membership <= 3.4.7.3 - Missing Authorization to Settings Update — WP-Members Membership PluginCWE-862 4.3 Medium2023-07-12

This page lists every published CVE security advisory associated with cbutlerjr. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.