2 matches found
CVE-2024-1389
The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmsstripeconnecthandleauthorizationreturn function in all versions up to, and...
CVE-2024-1389
CVE-2024-1389 affects the WordPress plugin “Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction.” Root cause: missing capability check in pms_stripe_connect_handle_authorization_return, in all versions up to and including 2.11.1. Impact: unauthenticate...