4 matches found
WordPress Paid Member Subscriptions Plugin <= 2.13.0 is vulnerable to Arbitrary Code Execution
Software Paid Member Subscriptions Type Plugin Vulnerable versions = 2.13.0 Fixed in 2.13.1 OWASP Top 10 A3: Injection Classification Arbitrary Code Execution CVE CVE-2024-10261 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID da8c77c26afb Credits Arkadiusz Hydzik Require...
CVE-2024-10261
creationtimestamp| type| source ---|---|--- 2024-11-09 14:08:59+00:00| seen| https://t.me/cvedetector/10351 2024-11-10 11:31:05+00:00| seen| https://infosec.exchange/users/vuldb/statuses/113458430943754048...
CVE-2024-10261 Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.0 - Unauthenticated Arbitrary Shortcode Execution
The The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.13.0. This is due to the software allowing users to execute an action that does not...
CVE-2024-10261
CVE-2024-10261 affects the Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction WordPress plugin (