This is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is.
Post
Pulse WP
pulse-wp.com
did:plc:m7puovzqhxurz66hip2xwfs6
CVE-2026-11855. Simple Membership before 4.7.5. Admin accounts hijacked via unvalidated Stripe webhooks. Script injection in notices. CVSS 8.8.
No patch available. Disable the plugin now.
Scan your WordPress site: pulse-wp.com
#WordPress #CVE #CyberSecurity
2026-07-07T00:00:17.030Z