s2Member <= 240315 - Limited Privilege Escalation

Wordfence Intelligence   >   Vulnerability Database   >   s2Member <= 240315 - Limited Privilege Escalation
9.1
Incorrect Privilege Assignment
CVE CVE-2024-31237
CVSS 9.1 (Critical)
Publicly Published April 5, 2024
Last Updated April 15, 2024
Researcher Ngô Thiên An (ancorn_)

Description

The s2Member plugin for WordPress is vulnerable to limited privilege escalation in versions up to, and including, 240315. This is due to insufficient controls during user registration. This makes it possible for unauthenticated attackers to register with higher than the default permissions.

References

Share

Vulnerability Details for s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions

s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions

Software Type Plugin
Software Slug s2member (view on wordpress.org)
Patched? Yes
Remediation Update to version 240325, or a newer patched version
Affected Version
  • <= 240315
Patched Version
  • 240325

Recent vulnerabilities in s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions

s2Member <= 260127 - Unauthenticated Privilege Escalation via Account Takeover
9.8
CVE-2026-1994
Feb 18, 2026
Researcher: Alyudin Nafiie
s2Member <= 251005 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-2025-13732
Feb 18, 2026
Researcher: Muhammad Yudha - DJ
s2Member <= 250905 - Unauthenticated Remote Code Execution
9.8
CVE-2025-62023
Oct 1, 2025
Researcher: Drew Webber (mcdruid)
s2Member <= 250701 - Unauthenticated PHP Object Injection
8.1
CVE-2025-58998
Aug 21, 2025
Researcher: ChuongVN
s2Member <= 250419 - Authenticated (Administrator+) Local File Inclusion
7.2
CVE-2025-32137
Apr 4, 2025
Researcher: Hakiduck
s2Member Pro <= 241216 - Reflected Cross-Site Scripting
6.1
CVE-2025-26879
Feb 22, 2025
Researcher: 0xd4rk5id3
s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 241216 - Reflected Cross-Site Scripting
6.1
CVE-2024-11376
Feb 17, 2025
Researcher: vgo0
s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 241114 - Authenticated (Contributor+) Sensitive Information Exposure
8.8
CVE-2024-8326
Dec 16, 2024
Researcher: wesley (wcraft)
s2Member (Pro) <= 241114 - Unauthenticated Remote Code Execution
8.1
CVE-2024-51815
Dec 2, 2024
Researcher: Hakiduck
s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 230815 - Information Exposure
5.3
CVE-2024-0899
Mar 18, 2024
Researcher: Francesco Carlucci
# Title CVE ID CVSS Researchers Date
1 s2Member <= 260127 - Unauthenticated Privilege Escalation via Account Takeover CVE-2026-1994 9.8 Alyudin Nafiie February 18, 2026
2 s2Member <= 251005 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2025-13732 6.4 Muhammad Yudha - DJ February 18, 2026
3 s2Member <= 250905 - Unauthenticated Remote Code Execution CVE-2025-62023 9.8 Drew Webber (mcdruid) October 1, 2025
4 s2Member <= 250701 - Unauthenticated PHP Object Injection CVE-2025-58998 8.1 ChuongVN August 21, 2025
5 s2Member <= 250419 - Authenticated (Administrator+) Local File Inclusion CVE-2025-32137 7.2 Hakiduck April 4, 2025
6 s2Member Pro <= 241216 - Reflected Cross-Site Scripting CVE-2025-26879 6.1 0xd4rk5id3 February 22, 2025
7 s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 241216 - Reflected Cross-Site Scripting CVE-2024-11376 6.1 vgo0 February 17, 2025
8 s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 241114 - Authenticated (Contributor+) Sensitive Information Exposure CVE-2024-8326 8.8 wesley (wcraft) December 16, 2024
9 s2Member (Pro) <= 241114 - Unauthenticated Remote Code Execution CVE-2024-51815 8.1 Hakiduck December 2, 2024
10 s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 230815 - Information Exposure CVE-2024-0899 5.3 Francesco Carlucci March 18, 2024
View more vulnerabilities in this software package View more vulnerabilities

This record contains material that is subject to copyright.

Copyright 2012-2026 Defiant Inc.

License: Defiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy. Read more.

Copyright 1999-2026 The MITRE Corporation

License: CVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy. Read more.

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation