9 matches found
WordPress Paid Memberships Pro 2.9.8 SQL Injection
!/usr/bin/env python Exploit Title: Paid Memberships Pro v2.9.8 WordPress Plugin - Unauthenticated SQL Injection Exploit Author: r3nt0n CVE: CVE-2023-23488 Date: 2023/01/24 Vulnerability discovered by Joshua Martinelle Vendor Homepage: https://www.paidmembershipspro.com Software Link:...
Paid Memberships Pro v2.9.8 (WordPress Plugin) - Unauthenticated SQL Injection
!/usr/bin/env python Exploit Title: Paid Memberships Pro v2.9.8 WordPress Plugin - Unauthenticated SQL Injection Exploit Author: r3nt0n CVE: CVE-2023-23488 Date: 2023/01/24 Vulnerability discovered by Joshua Martinelle Vendor Homepage: https://www.paidmembershipspro.com Software Link:...
WordPress Paid Memberships Pro v2.9.8 Plugin - Unauthenticated SQL Injection Exploit
!/usr/bin/env python Exploit Title: Paid Memberships Pro v2.9.8 WordPress Plugin - Unauthenticated SQL Injection Exploit Author: r3nt0n CVE: CVE-2023-23488 Vulnerability discovered by Joshua Martinelle Vendor Homepage: https://www.paidmembershipspro.com Software Link:...
CVE-2023-23488
The Paid Memberships Pro WordPress Plugin, version 2.9.8, is affected by an unauthenticated SQL injection vulnerability in the 'code' parameter of the '/pmpro/v1/order' REST route...
CVE-2023-23488
The Paid Memberships Pro WordPress Plugin, version 2.9.8, is affected by an unauthenticated SQL injection vulnerability in the 'code' parameter of the '/pmpro/v1/order' REST route...
CVE-2023-23488
CVE-2023-23488 affects the WordPress plugin Paid Memberships Pro (versions
CVE-2023-23488
creationtimestamp| type| source ---|---|--- 2023-01-15 09:28:44+00:00| seen| https://t.me/DailyToolz/582 2023-01-16 17:30:07+00:00| seen| https://t.me/truesecator/3945 2023-01-19 15:57:30+00:00| seen|...
VulnCheck KEV: CVE-2023-23488
The Paid Memberships Pro WordPress Plugin, version 2.9.8, is affected by an unauthenticated SQL injection vulnerability in the 'code' parameter of the '/pmpro/v1/order' REST route...
WordPress Paid Memberships Pro Plugin <= 2.9.7 is vulnerable to SQL Injection
Software Paid Memberships Pro Type Plugin Vulnerable versions = 2.9.7 Fixed in 2.9.8 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-23488 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID ac5e3d7c8149 Credits Joshua Martinelle Required privilege...