Known Vulnerabilities for products from Strangerstudios

Listed below are 18 of the newest known vulnerabilities associated with the vendor "Strangerstudios".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2024-3215 json The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable ... Not Provided 2024-05-02 2026-04-08
CVE-2024-1407 json The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable ... Not Provided 2024-06-19 2026-04-08
CVE-2024-0624 json The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable ... Not Provided 2024-01-25 2026-04-08
CVE-2024-0588 json The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable ... Not Provided 2024-04-09 2026-04-08
CVE-2023-28419 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 8.8 - HIGH 2023-11-12 2023-11-16
CVE-2023-23488 json The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affected by an unauthenticated SQL injection vulnerability in ... 9.8 - CRITICAL 2023-01-20 2023-04-03
CVE-2023-6855 json The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable ... Not Provided 2024-01-11 2026-04-08
CVE-2023-6187 json The Paid Memberships Pro plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validatio... Not Provided 2023-11-18 2026-04-08
CVE-2023-5237 json The Memberlite Shortcodes WordPress plugin before 1.3.9 does not validate and escape some of its shortcode attributes before ... 5.4 - MEDIUM 2023-10-31 2023-11-08
CVE-2023-0631 json The Paid Memberships Pro WordPress plugin before 2.9.12 does not prevent subscribers from rendering shortcodes that concatena... 8.8 - HIGH 2023-03-20 2023-11-07
CVE-2022-4830 json The Paid Memberships Pro WordPress plugin before 2.9.9 does not validate and escape some of its shortcode attributes before o... 5.4 - MEDIUM 2023-02-13 2023-12-28
CVE-2021-25114 json The Paid Memberships Pro WordPress plugin before 2.6.7 does not escape the discount_code in one of its REST route (available ... 9.8 - CRITICAL 2022-02-07 2022-02-10
CVE-2021-24979 json The Paid Memberships Pro WordPress plugin before 2.6.6 does not escape the s parameter before outputting it back in an attrib... 6.1 - MEDIUM 2021-12-27 2022-01-06
CVE-2021-20678 json SQL injection vulnerability in the Paid Memberships Pro versions prior to 2.5.6 allows remote authenticated attackers to exec... 8.8 - HIGH 2021-03-18 2023-12-28
CVE-2020-36754 json The Paid Memberships Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, ... Not Provided 2023-10-20 2026-04-08
CVE-2020-5579 json SQL injection vulnerability in the Paid Memberships versions prior to 2.3.3 allows attacker with administrator rights to exec... 7.2 - HIGH 2020-05-20 2021-03-23
CVE-2015-5532 json Multiple cross-site scripting (XSS) vulnerabilities in the Paid Memberships Pro (PMPro) plugin before 1.8.4.3 for WordPress a... 6.1 - MEDIUM 2017-10-23 2021-04-06
CVE-2014-8801 json Directory traversal vulnerability in services/getfile.php in the Paid Memberships Pro plugin before 1.7.15 for WordPress allo... 5 - MEDIUM 2014-11-28 2021-03-23

Known software with vulnerabilities from Strangerstudios

Type Vendor Product Version
ApplicationStrangerstudiosPaid Memberships Pro1.1.10