Lucene search
Membership & Content Restriction - Paid Member Subscriptions Security Vulnerabilities - February
cve
The Membership & Content Restriction – Paid Member Subscriptions WordPress plugin before 2.4.2 did not sanitise, validate or escape its order and orderby parameters before using them in SQL statement, leading to Authenticated SQL Injections in the Members and Payments pages.
8.8CVSS
8.8AI Score
0.002EPSS
2021-09-13 06:15 PM
38
cve
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Paid Member Subscriptions.This issue affects Paid Member Subscriptions: from n/a through 2.10.4.
4.3CVSS
4.7AI Score
0.0004EPSS
2024-03-15 03:15 PM
48
cve
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Paid Member Subscriptions.This issue affects Paid Member Subscriptions: from n/a through 2.11.0.
4.3CVSS
6.8AI Score
0.0004EPSS
2024-04-24 03:15 PM
32