Known Vulnerabilities for products from Strangerstudios
Listed below are 13 of the newest known vulnerabilities associated with the vendor "Strangerstudios".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-0624 | 5.3 - MEDIUM | 2024-01-25 | 2024-01-31 | |
| CVE-2023-28419 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-11-12 | 2023-11-16 |
| CVE-2023-23488 | The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affected by an unauthenticated SQL injection vulnerability in ... | 9.8 - CRITICAL | 2023-01-20 | 2023-04-03 |
| CVE-2023-5237 | The Memberlite Shortcodes WordPress plugin before 1.3.9 does not validate and escape some of its shortcode attributes before ... | 5.4 - MEDIUM | 2023-10-31 | 2023-11-08 |
| CVE-2023-0631 | The Paid Memberships Pro WordPress plugin before 2.9.12 does not prevent subscribers from rendering shortcodes that concatena... | 8.8 - HIGH | 2023-03-20 | 2023-11-07 |
| CVE-2022-4830 | The Paid Memberships Pro WordPress plugin before 2.9.9 does not validate and escape some of its shortcode attributes before o... | 5.4 - MEDIUM | 2023-02-13 | 2023-12-28 |
| CVE-2021-25114 | The Paid Memberships Pro WordPress plugin before 2.6.7 does not escape the discount_code in one of its REST route (available ... | 9.8 - CRITICAL | 2022-02-07 | 2022-02-10 |
| CVE-2021-24979 | The Paid Memberships Pro WordPress plugin before 2.6.6 does not escape the s parameter before outputting it back in an attrib... | 6.1 - MEDIUM | 2021-12-27 | 2022-01-06 |
| CVE-2021-20678 | SQL injection vulnerability in the Paid Memberships Pro versions prior to 2.5.6 allows remote authenticated attackers to exec... | 8.8 - HIGH | 2021-03-18 | 2023-12-28 |
| CVE-2020-36754 | The Paid Memberships Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, ... | 4.3 - MEDIUM | 2023-10-20 | 2023-12-28 |
| CVE-2020-5579 | SQL injection vulnerability in the Paid Memberships versions prior to 2.3.3 allows attacker with administrator rights to exec... | 7.2 - HIGH | 2020-05-20 | 2021-03-23 |
| CVE-2015-5532 | Multiple cross-site scripting (XSS) vulnerabilities in the Paid Memberships Pro (PMPro) plugin before 1.8.4.3 for WordPress a... | 6.1 - MEDIUM | 2017-10-23 | 2021-04-06 |
| CVE-2014-8801 | Directory traversal vulnerability in services/getfile.php in the Paid Memberships Pro plugin before 1.7.15 for WordPress allo... | 5 - MEDIUM | 2014-11-28 | 2021-03-23 |
Known software with vulnerabilities from Strangerstudios
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Strangerstudios | Paid Memberships Pro | 1.1.10 |