Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

strangerstudios — Vulnerabilities & Security Advisories 10

Browse all 10 CVE security advisories affecting strangerstudios. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Strangerstudios develops web applications and content management systems, with their products primarily serving as publishing platforms for digital media. Historically, their vulnerabilities have frequently included remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and access control issues. The organization has demonstrated inconsistent patch response times, with several critical vulnerabilities remaining unaddressed for extended periods. Their products have been exploited in multiple high-profile breaches, resulting in unauthorized data access and server compromises. Security researchers have noted recurring patterns of insecure default configurations and inadequate dependency management across their software portfolio.

Top products by strangerstudios: Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions Memberlite Shortcodes
CVE IDTitleCVSSSeverityPublished
CVE-2026-4100 Paid Memberships Pro <= 3.6.5 - Missing Authorization to Authenticated (Subscriber+) Stripe Webhook Deletion and Payment Processing Disruption — Paid Memberships Pro – Content Restriction, User Registration, & Paid SubscriptionsCWE-862 7.1 High2026-05-02
CVE-2025-10125 Memberlite Shortcodes <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — Memberlite ShortcodesCWE-80 6.4 Medium2025-09-17
CVE-2024-11227 Memberlite Shortcodes <= 1.3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via memberlite_accordion Shortcode — Memberlite ShortcodesCWE-79 6.4 Medium2024-11-23
CVE-2024-1407 Paid Memberships Pro <= 2.12.10 - Cross-Site Request Forgery to Membership Modification — Paid Memberships Pro – Content Restriction, User Registration, & Paid SubscriptionsCWE-352 5.4 Medium2024-06-19
CVE-2024-3215 Paid Memberships Pro <= 3.0.1 - Cross-Site Request Forgery — Paid Memberships Pro – Content Restriction, User Registration, & Paid SubscriptionsCWE-352 5.3 Medium2024-05-02
CVE-2024-0588 Paid Memberships Pro <= 2.12.10 - Cross-Site Request Forgery — Paid Memberships Pro – Content Restriction, User Registration, & Paid SubscriptionsCWE-352 4.3 Medium2024-04-09
CVE-2024-0624 Paid Memberships Pro <= 2.12.7 - Cross-Site Request Forgery to Level Orders Update — Paid Memberships Pro – Content Restriction, User Registration, & Paid SubscriptionsCWE-352 5.3 Medium2024-01-25
CVE-2023-6855 Paid Memberships Pro <= 2.12.5 - Missing Authorization via API — Paid Memberships Pro – Content Restriction, User Registration, & Paid SubscriptionsCWE-862 5.3 Medium2024-01-11
CVE-2023-6187 Paid Memberships Pro <= 2.12.3 - Authenticated (Subscriber+) Arbitrary File Upload — Paid Memberships Pro – Content Restriction, User Registration, & Paid SubscriptionsCWE-434 7.5 High2023-11-18
CVE-2020-36754 Paid Memberships Pro <= 2.4.2 - Cross-Site Request Forgery Bypass — Paid Memberships Pro – Content Restriction, User Registration, & Paid SubscriptionsCWE-352 4.3 Medium2023-10-20

This page lists every published CVE security advisory associated with strangerstudios. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.