Known Vulnerabilities for products from Paidmembershipspro

Listed below are 7 of the newest known vulnerabilities associated with the vendor "Paidmembershipspro".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2022-4831 json The Custom User Profile Fields for User Registration WordPress plugin before 1.8.1 does not validate and escape some of its s... 5.4 - MEDIUM 2023-01-30 2023-11-07
CVE-2022-4830 json The Paid Memberships Pro WordPress plugin before 2.9.9 does not validate and escape some of its shortcode attributes before o... 5.4 - MEDIUM 2023-02-13 2023-12-28
CVE-2021-20678 json SQL injection vulnerability in the Paid Memberships Pro versions prior to 2.5.6 allows remote authenticated attackers to exec... 8.8 - HIGH 2021-03-18 2023-12-28
CVE-2021-4342 json ** REJECT ** CVE split into individual CVE IDs for each software record. Not Provided 2023-06-07 2023-11-07
CVE-2020-5579 json SQL injection vulnerability in the Paid Memberships versions prior to 2.3.3 allows attacker with administrator rights to exec... 7.2 - HIGH 2020-05-20 2021-03-23
CVE-2015-5532 json Multiple cross-site scripting (XSS) vulnerabilities in the Paid Memberships Pro (PMPro) plugin before 1.8.4.3 for WordPress a... 6.1 - MEDIUM 2017-10-23 2021-04-06
CVE-2014-8801 json Directory traversal vulnerability in services/getfile.php in the Paid Memberships Pro plugin before 1.7.15 for WordPress allo... 5 - MEDIUM 2014-11-28 2021-03-23

Known software with vulnerabilities from Paidmembershipspro

Type Vendor Product Version
ApplicationPaidmembershipsproPaid Memberships Pro1.1.10