Lucene search
WPScanCVELIST:CVE-2024-1279HistoryMar 11, 2024 - 5:56 p.m.
CVE-2024-1279 Paid Memberships Pro < 2.12.9 - Contributor+ Arbitrary User Custom Field Disclosure
2024-03-1117:56:06
WPScan
www.cve.org
5
cve-2024-1279
paid memberships pro
wordpress
plugin
vulnerability
disclosure
user role
sensitive metadata
The Paid Memberships Pro WordPress plugin before 2.12.9 does not prevent user with at least the contributor role from leaking other users’ sensitive metadata.
CNA Affected
[
{
"vendor": "Unknown",
"product": "Paid Memberships Pro",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "2.12.9"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
prion
prion
Code injection
2024-03-11 18:15:00
nvd
nvd
CVE-2024-1279
2024-03-11 18:15:17
cve
cve
CVE-2024-1279
2024-03-11 18:15:17
vulnrichment
vulnrichment
wpexploit
wpexploit
wpvulndb
wpvulndb