CVE-2024-1287 – Paid Memberships Pro - Member Directory Add On < 1.2.6 - Contributor+ Sensitive Information Disclosure and SQLi

https://notcve.org/view.php?id=CVE-2024-1287

The pmpro-member-directory WordPress plugin before 1.2.6 does not prevent users with at least the contributor role from leaking other users' sensitive information, including password hashes. The Paid Memberships Pro - Member Directory Add On plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to 1.2.6 (exclusive) through the 'pmpro_member_directory' shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to extract sensitive user meta data, including password hashes. • https://wpscan.com/vulnerability/169e5756-4e12-4add-82e9-47471c30f08c • CWE-202: Exposure of Sensitive Information Through Data Queries CWE-639: Authorization Bypass Through User-Controlled Key •