📦 Paid Memberships Pro

Name: Paid Memberships Pro
Author: Strangerstudios

by Strangerstudios

🔍 What is Paid Memberships Pro?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2021-25114

CRITICAL CVSS 9.8 Feb 7, 2022

This vulnerability allows unauthenticated attackers to perform SQL injection attacks on WordPress sites running vulnerable versions of the Paid Memberships Pro plugin. Attackers can potentially read, ...

CVE-2024-37277

HIGH CVSS 7.5 Nov 1, 2024

This CVE describes an Insecure Direct Object Reference (IDOR) vulnerability in the Paid Memberships Pro WordPress plugin. Attackers can manipulate user-controlled keys to bypass authorization checks a...

CVE-2021-20678

HIGH CVSS 8.8 Mar 18, 2021

This SQL injection vulnerability in Paid Memberships Pro WordPress plugin allows authenticated attackers to execute arbitrary SQL commands on the database. It affects all WordPress sites running Paid ...

CVE-2024-1286

MEDIUM CVSS 4.9 Jul 30, 2024

The pmpro-membership-maps WordPress plugin before version 0.7 contains an information disclosure vulnerability that allows users with at least contributor-level permissions to access sensitive members...

CVE-2024-1407

MEDIUM CVSS 5.4 Jun 19, 2024

This CSRF vulnerability in Paid Memberships Pro WordPress plugin allows attackers to manipulate user memberships without authentication. Attackers can trick logged-in users into clicking malicious lin...