Paid Memberships Pro Security Vulnerabilities and Issues — Paid Memberships Pro CVE List

Lucene search

StrangerstudiosPaid Memberships Pro

2 matches found

CVE•added 2021/03/18 1:15 a.m.•60 views

CVE-2021-20678

SQL injection vulnerability in the Paid Memberships Pro versions prior to 2.5.6 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.

8.8CVSS8.7AI score0.02557EPSS

CVE•added 2021/12/27 11:15 a.m.•59 views

CVE-2021-24979

The Paid Memberships Pro WordPress plugin before 2.6.6 does not escape the s parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting

6.1CVSS6AI score0.01998EPSS