Skip to main content

WP eMember CVE-2026-49077

| EUVDEUVD-2026-34241 MEDIUM
Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497)
2026-06-04 Patchstack GHSA-4rgr-wmhw-58fg
5.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.3 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

1
Analysis Generated
Jun 04, 2026 - 11:30 vuln.today

DescriptionCVE.org

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Tips and Tricks HQ WP eMember allows Retrieve Embedded Sensitive Data.

This issue affects WP eMember: from n/a through v10.2.2.

AnalysisAI

Sensitive data exposure in the WP eMember WordPress plugin (Tips and Tricks HQ) through version 10.2.2 allows unauthenticated remote attackers to retrieve embedded sensitive system information via a network request. The vulnerability is classified under CWE-497, meaning internally sensitive data is reachable from an unauthorized control sphere - in this case, the open internet without credentials. No public exploit code or CISA KEV listing has been identified at time of analysis, and exploitation probability from EPSS data was not provided, but the CVSS vector (AV:N/AC:L/PR:N/UI:N) confirms this is trivially reachable from any network source.

Technical ContextAI

WP eMember is a WordPress membership management plugin developed by Tips and Tricks HQ, identified by CPE cpe:2.3:a:tips_and_tricks_hq:wp_emember:*:*:*:*:*:*:*:*. The root cause is CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere), which occurs when an application inadvertently surfaces sensitive internal data - such as configuration values, system paths, API keys, or internal state - through a publicly accessible interface. In the WordPress context, this commonly manifests as unprotected REST API endpoints, publicly readable PHP output, or improperly gated AJAX handlers that return data intended only for authenticated or privileged users. The CVSS vector (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) indicates the exposure is reachable over the network with no authentication, no user interaction, and no elevated attack complexity, though the confidentiality impact is rated Low, suggesting partial rather than full data exposure.

RemediationAI

Site administrators should update WP eMember to a version beyond v10.2.2 immediately; the Patchstack advisory at https://patchstack.com/database/wordpress/plugin/wp-emember/vulnerability/wordpress-wp-emember-plugin-v10-2-2-sensitive-data-exposure-vulnerability should be consulted for the confirmed fixed version, as the exact patched release number was not independently confirmed in the available intelligence data. If an immediate update is not feasible, consider using a WordPress security plugin such as Patchstack or Wordfence to apply a virtual patch rule blocking access to the vulnerable endpoint while the core update is prepared. Additionally, restricting access to the WordPress installation via IP allowlisting at the web server or WAF layer can reduce exposure surface, though this may impact legitimate member access. Audit the site for any sensitive data that may have been accessible and review WordPress and server-side logs for anomalous unauthenticated requests to plugin endpoints.

CVE-2024-5080 HIGH POC
8.8 Jul 13

The wp-eMember WordPress plugin before 10.6.6 does not validate files to be uploaded, which could allow admins to upload

CVE-2024-5076 HIGH POC
8.8 Jul 13

The wp-eMember WordPress plugin before 10.6.6 does not have CSRF checks in some places, which could allow attackers to m

CVE-2024-4749 HIGH POC
8.3 Jun 04

The wp-eMember WordPress plugin before 10.3.9 does not sanitize and escape the "fieldId" parameter before outputting it

CVE-2024-5715 HIGH POC
7.1 Jul 13

The wp-eMember WordPress plugin before 10.6.7 does not sanitise and escape a parameter before outputting it back in the

CVE-2024-5744 MEDIUM POC
6.8 Jul 13

The wp-eMember WordPress plugin before 10.6.7 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it

CVE-2024-5077 MEDIUM POC
6.8 Jul 13

The wp-eMember WordPress plugin before 10.6.6 does not have CSRF check in some places, and is missing sanitisation as we

CVE-2024-5081 MEDIUM POC
6.1 Aug 05

The wp-eMember WordPress plugin before v10.7.0 does not have CSRF check in some places, and is missing sanitisation as w

CVE-2024-5079 MEDIUM POC
6.1 Jul 13

The wp-eMember WordPress plugin before 10.6.7 does not sanitise and escape some of the fields when members register, whi

CVE-2024-5075 MEDIUM POC
5.9 Jul 13

The wp-eMember WordPress plugin before 10.6.6 does not sanitise and escape a parameter before outputting it back in the

CVE-2024-5074 MEDIUM POC
5.4 Jul 13

The wp-eMember WordPress plugin before 10.6.6 does not sanitise and escape a parameter before outputting it back in the

CVE-2026-54811 CRITICAL
9.3 Jun 17

Unauthenticated SQL injection in the WP eMember WordPress plugin versions prior to 10.9.4 allows remote attackers to inj

CVE-2026-28073 HIGH
7.1 Mar 19

A reflected cross-site scripting (XSS) vulnerability exists in the WP eMember WordPress plugin by Tips and Tricks HQ, af

Share

CVE-2026-49077 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy