RSS   Vulnerabilities for 'Paid memberships pro'   RSS

2022-02-07
 
CVE-2021-25114

CWE-89
 

 
The Paid Memberships Pro WordPress plugin before 2.6.7 does not escape the discount_code in one of its REST route (available to unauthenticated users) before using it in a SQL statement, leading to a SQL injection

 


Copyright 2024, cxsecurity.com

 

Back to Top