← back
CVE-2021-20678

CVE-2021-20678

EPSS 2.0%
SQL injection vulnerability in the Paid Memberships Pro versions prior to 2.5.6 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
Affected products
Stranger Studios · Paid Memberships Pro

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jvn.jp/en/jp/JVN08191557/index.htmlhttps://wordpress.org/plugins/paid-memberships-pro/https://www.paidmembershipspro.com/pmpro-update-2-5-6/