Known Vulnerabilities for Paid Memberships Pro by Strangerstudios
Listed below are 10 of the newest known vulnerabilities associated with "Paid Memberships Pro" by "Strangerstudios".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-0624 | 5.3 - MEDIUM | 2024-01-25 | 2024-01-31 | |
| CVE-2023-23488 | The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affected by an unauthenticated SQL injection vulnerability in ... | 9.8 - CRITICAL | 2023-01-20 | 2023-04-03 |
| CVE-2023-0631 | The Paid Memberships Pro WordPress plugin before 2.9.12 does not prevent subscribers from rendering shortcodes that concatena... | 8.8 - HIGH | 2023-03-20 | 2023-11-07 |
| CVE-2022-4830 | The Paid Memberships Pro WordPress plugin before 2.9.9 does not validate and escape some of its shortcode attributes before o... | 5.4 - MEDIUM | 2023-02-13 | 2023-12-28 |
| CVE-2021-25114 | The Paid Memberships Pro WordPress plugin before 2.6.7 does not escape the discount_code in one of its REST route (available ... | 9.8 - CRITICAL | 2022-02-07 | 2022-02-10 |
| CVE-2021-24979 | The Paid Memberships Pro WordPress plugin before 2.6.6 does not escape the s parameter before outputting it back in an attrib... | 6.1 - MEDIUM | 2021-12-27 | 2022-01-06 |
| CVE-2021-20678 | SQL injection vulnerability in the Paid Memberships Pro versions prior to 2.5.6 allows remote authenticated attackers to exec... | 8.8 - HIGH | 2021-03-18 | 2023-12-28 |
| CVE-2020-36754 | The Paid Memberships Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, ... | 4.3 - MEDIUM | 2023-10-20 | 2023-12-28 |
| CVE-2020-5579 | SQL injection vulnerability in the Paid Memberships versions prior to 2.3.3 allows attacker with administrator rights to exec... | 7.2 - HIGH | 2020-05-20 | 2021-03-23 |
| CVE-2015-5532 | Multiple cross-site scripting (XSS) vulnerabilities in the Paid Memberships Pro (PMPro) plugin before 1.8.4.3 for WordPress a... | 6.1 - MEDIUM | 2017-10-23 | 2021-04-06 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Strangerstudios | Paid Memberships Pro | 2.3.3 | |||
| Application | Strangerstudios | Paid Memberships Pro | 2.0.7 | |||
| Application | Strangerstudios | Paid Memberships Pro | 2.0.6 | |||
| Application | Strangerstudios | Paid Memberships Pro | 2.0.5 | |||
| Application | Strangerstudios | Paid Memberships Pro | 2.0.4 | |||
| Application | Strangerstudios | Paid Memberships Pro | 2.0.3 | |||
| Application | Strangerstudios | Paid Memberships Pro | 2.0.2 | |||
| Application | Strangerstudios | Paid Memberships Pro | 2.0.1 | |||
| Application | Strangerstudios | Paid Memberships Pro | 2.0 | |||
| Application | Strangerstudios | Paid Memberships Pro | 1.9.5.6 | |||
| Application | Strangerstudios | Paid Memberships Pro | 1.9.5.5 | |||
| Application | Strangerstudios | Paid Memberships Pro | 1.9.5.4 | |||
| Application | Strangerstudios | Paid Memberships Pro | 1.9.5.3 | |||
| Application | Strangerstudios | Paid Memberships Pro | 1.9.5.2 | |||
| Application | Strangerstudios | Paid Memberships Pro | 1.9.5.1 | |||
| Application | Strangerstudios | Paid Memberships Pro | 1.9.5 | |||
| Application | Strangerstudios | Paid Memberships Pro | 1.9.4.4 | |||
| Application | Strangerstudios | Paid Memberships Pro | 1.9.4.3 | |||
| Application | Strangerstudios | Paid Memberships Pro | 1.9.4.2 | |||
| Application | Strangerstudios | Paid Memberships Pro | 1.9.4.1 |