5 matches found
CVE-2024-1287
The pmpro-member-directory WordPress plugin before 1.2.6 does not prevent users with at least the contributor role from leaking other users' sensitive information, including password hashes via an SQLi vector...
CVE-2024-1287
creationtimestamp| type| source ---|---|--- 2024-07-30 09:02:47+00:00| seen| https://t.me/cvedetector/1988...
CVE-2024-1287 Paid Memberships Pro - Member Directory Add On < 1.2.6 - Contributor+ Sensitive Information Disclosure via SQLi
The pmpro-member-directory WordPress plugin before 1.2.6 does not prevent users with at least the contributor role from leaking other users' sensitive information, including password hashes via an SQLi vector...
CVE-2024-1287 Paid Memberships Pro - Member Directory Add On < 1.2.6 - Contributor+ Sensitive Information Disclosure via SQLi
The pmpro-member-directory WordPress plugin before 1.2.6 does not prevent users with at least the contributor role from leaking other users' sensitive information, including password hashes via an SQLi vector...
WordPress Paid Memberships Pro - Member Directory Add On Plugin < 1.2.6 is vulnerable to SQL Injection
Software Paid Memberships Pro - Member Directory Add On Type Plugin Vulnerable versions 1.2.6 Fixed in 1.2.6 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-1287 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 7039256f577b Credits Scott Kingsley Clark...