4 matches found
CVE-2024-37277
Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Paid Memberships Pro: from n/a through 3.0.4...
CVE-2024-37277 WordPress Paid Memberships Pro plugin <= 3.0.4 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Paid Memberships Pro: from n/a through 3.0.4...
CVE-2024-37277
CVE-2024-37277 is an Authorization Bypass via a user-controlled key affecting Paid Memberships Pro
WordPress Paid Memberships Pro Plugin <= 3.0.4 is vulnerable to Insecure Direct Object References (IDOR)
Software Paid Memberships Pro Type Plugin Vulnerable versions = 3.0.4 Fixed in 3.0.5 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-37277 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID dc85580f8dca Credits Rafie...