Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-0631

Disclosure Date: March 20, 2023 (last updated October 08, 2023)
The Paid Memberships Pro WordPress plugin before 2.9.12 does not prevent subscribers from rendering shortcodes that concatenate attributes directly into an SQL query.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0