Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:37 p.m.8 views

CVE-2020-36754

The Paid Memberships Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.2. This is due to missing or incorrect nonce validation on the pmpropagesave function. This makes it possible for unauthenticated attackers to save pages via a forged...

4.3CVSS6.4AI score0.00397EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/10/31 12:0 a.m.15 views

WordPress Paid Memberships Pro Plugin < 2.4.3 CSRF Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:paidmembershipspro:paidmembershipspro"; ifdescription...

4.3CVSS7AI score0.00397EPSS
Exploits1References1
NVD
NVD
added 2023/10/20 8:15 a.m.15 views

CVE-2020-36754

The Paid Memberships Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.2. This is due to missing or incorrect nonce validation on the pmpropagesave function. This makes it possible for unauthenticated attackers to save pages via a forged...

4.3CVSS4.2AI score0.00397EPSS
Exploits1References9
CVE
CVE
added 2023/10/20 7:29 a.m.46 views

CVE-2020-36754

CVE-2020-36754 affects the WordPress Paid Memberships Pro plugin. It is a Cross-Site Request Forgery vulnerability caused by missing/incorrect nonce validation in the pmpro_page_save() function, allowing unauthenticated attackers to save pages via forged requests if a site admin is tricked into p...

4.3CVSS4.2AI score0.00397EPSS
Exploits1References9Affected Software1
Rows per page
Query Builder