CVE-2026-3688 | wclovers WCFM Membership Plugin up to 2.11.10 AJAX Action wcfmvm_membership_change resource injection
A vulnerability classified as critical was found in wclovers WCFM Membership Plugin up to 2.11.10. This affects the function wcfmvm_membership_change of the component AJAX Action. The manipulation results in improper control of resource identifiers.
This vulnerability is cataloged as CVE-2026-3688. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More