Membership & Content Restriction - Paid Member Subscriptions Security Vulnerabilities and Issues — Membership & Content Restriction - Paid Member Subscriptions CVE List

Lucene search

CozmoslabsMembership & Content Restriction - Paid Member Subscriptions

3 matches found

CVE•added 2025/01/14 10:15 a.m.•47 views

CVE-2024-12919

The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.13.7. This is due to the pms_pb_payment_redirect_link function using the user-controlled value sup...

9.8CVSS9.4AI score0.00172EPSS

CVE•added 2025/03/28 10:15 a.m.•38 views

CVE-2025-31088

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cozmoslabs Paid Member Subscriptions allows Stored XSS. This issue affects Paid Member Subscriptions: from n/a through 2.14.3.

6.5CVSS6.9AI score0.00045EPSS

CVE•added 2025/07/04 12:15 p.m.•7 views

CVE-2025-49870

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozmoslabs Paid Member Subscriptions allows SQL Injection. This issue affects Paid Member Subscriptions: from n/a through 2.15.1.

7.5CVSS7.2AI score0.00039EPSS