CVE-2025-14844 | Membership Plugin Plugin up to 3.2.16 on WordPress rcp_stripe_create_setup_intent_for_saved_card client_secret resource injection

A vulnerability has been found in Membership Plugin Plugin up to 3.2.16 on WordPress and classified as problematic. Affected by this vulnerability is the function rcp_stripe_create_setup_intent_for_saved_card. The manipulation of the argument client_secret leads to improper control of resource identifiers.

This vulnerability is documented as CVE-2025-14844. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More