logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-24728

Description

The Membership & Content Restriction – Paid Member Subscriptions WordPress plugin before 2.4.2 did not sanitise, validate or escape its order and orderby parameters before using them in SQL statement, leading to Authenticated SQL Injections in the Members and Payments pages.


Affected Software


CPE Name Name Version
cozmoslabs:membership_\&_content_restriction_-_paid_member_subscriptions cozmoslabs membership \& content restriction - paid member subscriptions 2.4.2

Related