Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| DaleAB | Membee Login | unaffected |
|
No data.
No data.
OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.
| Vendors | Products |
|---|---|
|
Daleab
Subscribe
|
Membee Login
Subscribe
|
|
Wordpress
Subscribe
|
Wordpress
Subscribe
|
Project Subscriptions
No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Mon, 23 Feb 2026 15:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Daleab
Daleab membee Login Wordpress Wordpress wordpress |
|
| Vendors & Products |
Daleab
Daleab membee Login Wordpress Wordpress wordpress |
Fri, 20 Feb 2026 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DaleAB Membee Login membees-member-login-widget allows Reflected XSS.This issue affects Membee Login: from n/a through <= 2.3.6. | |
| Title | WordPress Membee Login plugin <= 2.3.6 - Cross Site Scripting (XSS) vulnerability | |
| Weaknesses | CWE-79 | |
| References |
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-02-20T15:46:42.323Z
Reserved: 2025-12-24T14:00:10.432Z
Link: CVE-2025-68844
Vulnrichment
No data.
NVD
Status : Awaiting Analysis
Published: 2026-02-20T16:22:13.133
Modified: 2026-02-20T16:55:22.933
Link: CVE-2025-68844
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-02-23T14:38:04Z