2 matches found
CVE-2024-37486
CVE-2024-37486 is an authenticated SQL injection in Paid Memberships Pro for WordPress, affecting versions from n/a up to 3.0.5. The vulnerability is authenticated (Administrator+) and could impact confidentiality, integrity, and availability. Wordfence assigns a Critical severity (CVSS v3.1/9.1)...
WordPress Paid Memberships Pro Plugin <= 3.0.5 is vulnerable to SQL Injection
Software Paid Memberships Pro Type Plugin Vulnerable versions = 3.0.5 Fixed in 3.0.6 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-37486 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 6111a0093c77 Credits Trương Hữu Phúc truonghuuphuc Required...