| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-30523 | WordPress Paid Memberships Pro – Mailchimp Add On plugin <= 2.3.4 - Sensitive Data Exposure vulnerability | Paid Memberships Pro | Paid Memberships Pro – Mailchimp Add On | Medium | 5.3 | 2024-03-31 18:11:22 | Deep Dive |
| CVE-2024-30514 | WordPress Paid Memberships Pro – Payfast Gateway Add On plugin <= 1.4.1 - Sensitive Data Exposure via Log File vulnerability | Paid Memberships Pro | Paid Memberships Pro – Payfast Gateway Add On | Medium | 5.3 | 2024-03-29 15:40:19 | Deep Dive |
| CVE-2024-1279 | Paid Memberships Pro < 2.12.9 - Contributor+ Arbitrary User Custom Field Disclosure | Unknown | Paid Memberships Pro | - | - | 2024-03-11 17:56:07 | Deep Dive |
| CVE-2024-1389 | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.11.1 - Missing Authorization via pms_stripe_connect_handle_authorization_return | cozmoslabs | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | Medium | 5.3 | 2024-02-20 18:56:46 | Deep Dive |
| CVE-2024-1390 | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.11.1 - Missing Authorization via creating_pricing_table_page | cozmoslabs | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | Medium | 4.3 | 2024-02-20 18:56:20 | Deep Dive |
| CVE-2024-0624 | Paid Memberships Pro <= 2.12.7 - Cross-Site Request Forgery to Level Orders Update | strangerstudios | Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | Medium | 5.3 | 2024-01-25 01:55:03 | Deep Dive |
| CVE-2023-6855 | Paid Memberships Pro <= 2.12.5 - Missing Authorization via API | strangerstudios | Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | Medium | 5.3 | 2024-01-11 08:32:32 | Deep Dive |
| CVE-2023-6187 | Paid Memberships Pro <= 2.12.3 - Authenticated (Subscriber+) Arbitrary File Upload | strangerstudios | Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | High | 7.5 | 2023-11-18 01:54:35 | Deep Dive |
| CVE-2020-36754 | Paid Memberships Pro <= 2.4.2 - Cross-Site Request Forgery Bypass | strangerstudios | Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | Medium | 4.3 | 2023-10-20 07:29:35 | Deep Dive |
| CVE-2023-0631 | Paid Memberships Pro < 2.9.12 - Subscriber+ SQL Injection | Unknown | Paid Memberships Pro | 高危 | - | 2023-03-20 15:52:11 | Deep Dive |
| CVE-2022-4830 | Paid Memberships Pro < 2.9.9 - Contributor+ Stored XSS via Shortcode | Unknown | Paid Memberships Pro | 中危 | - | 2023-02-13 14:32:31 | Deep Dive |
| CVE-2022-4831 | Custom User Profile Fields for User Registration & Member Frontend Profiles with Paid Memberships Pro < 1.8.1 - Contributor+ Stored XSS via Shortcode | Unknown | Custom User Profile Fields for User Registration & Member Frontend Profiles with Paid Memberships Pro | 中危 | - | 2023-01-30 20:31:56 | Deep Dive |
| CVE-2023-23488 | WordPress Plugin The Paid Memberships Pro SQL注入漏洞 | - | Paid Memberships Pro WordPress Plugin | 超危 | - | 2023-01-20 00:00:00 | Deep Dive |
| CVE-2021-25114 | Paid Memberships Pro < 2.6.7 - Unauthenticated Blind SQL Injection | Unknown | Paid Memberships Pro | 超危 | - | 2022-02-07 15:47:24 | Deep Dive |
| CVE-2021-24979 | Paid Memberships Pro < 2.6.6 - Reflected Cross-Site Scripting | Unknown | Paid Memberships Pro | 中危 | - | 2021-12-27 10:33:22 | Deep Dive |
| CVE-2021-20678 | WordPress plugin Paid Memberships Pro SQL注入漏洞 | Stranger Studios | Paid Memberships Pro | 高危 | - | 2021-03-18 00:56:05 | Deep Dive |
| CVE-2020-5579 | Paid Memberships Pro SQL注入漏洞 | Stranger Studios | Paid Memberships | 高危 | - | 2020-05-20 10:15:21 | Deep Dive |