CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37486 – WordPress Paid Memberships Pro plugin <= 3.0.5 - Authenticated SQL Injection vulnerability
https://notcve.org/view.php?id=CVE-2024-37486
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Paid Memberships Pro.This issue affects Paid Memberships Pro: from n/a through 3.0.5. Neutralización incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL ("Inyección SQL") en Paid Memberships Pro. Este problema afecta a Paid Memberships Pro: desde n/a hasta 3.0.5. The Paid Memberships Pro plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 3.0.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. • https://patchstack.com/database/vulnerability/paid-memberships-pro/wordpress-paid-memberships-pro-plugin-3-0-5-authenticated-sql-injection-vulnerability?_s_id=cve • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37277 – WordPress Paid Memberships Pro plugin <= 3.0.4 - Insecure Direct Object References (IDOR) vulnerability
https://notcve.org/view.php?id=CVE-2024-37277
Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Paid Memberships Pro: from n/a through 3.0.4. The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.0.4 via the pmpro_twocheckoutValidate function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to update an order status to paid. • https://patchstack.com/database/vulnerability/paid-memberships-pro/wordpress-paid-memberships-pro-plugin-3-0-4-insecure-direct-object-references-idor-vulnerability?_s_id=cve • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32793 – WordPress Paid Memberships Pro plugin <= 2.12.10 - Cross Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2024-32793
Cross-Site Request Forgery (CSRF) vulnerability in Paid Memberships Pro.This issue affects Paid Memberships Pro: from n/a through 2.12.10. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Paid Memberships Pro. Este problema afecta a Paid Memberships Pro: desde n/a hasta 2.12.10. The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.12.10. This is due to missing or incorrect nonce validation on an unknown function. • https://patchstack.com/database/vulnerability/paid-memberships-pro/wordpress-paid-memberships-pro-plugin-2-12-10-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-1279 – Paid Memberships Pro < 2.12.9 - Contributor+ Arbitrary User Custom Field Disclosure
https://notcve.org/view.php?id=CVE-2024-1279
The Paid Memberships Pro WordPress plugin before 2.12.9 does not prevent user with at least the contributor role from leaking other users' sensitive metadata. El complemento Paid Memberships Pro de WordPress anterior a 2.12.9 no impide que el usuario con al menos el rol de colaborador filtre metadatos confidenciales de otros usuarios. The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.12.8. This makes it possible for authenticated attackers, with contributor-level access and above, to extract user meta data utilizing the pmpro_member shortcode. • https://wpscan.com/vulnerability/4c537264-0c23-428e-9a11-7a9e74fb6b69 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0624 – Paid Memberships Pro <= 2.12.7 - Cross-Site Request Forgery to Level Orders Update
https://notcve.org/view.php?id=CVE-2024-0624
The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.12.7. This is due to missing or incorrect nonce validation on the pmpro_update_level_order() function. This makes it possible for unauthenticated attackers to update the order of levels via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. El complemento Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 2.12.7 incluida. Esto se debe a una validación nonce faltante o incorrecta en la función pmpro_update_level_order(). • https://github.com/kodaichodai/CVE-2024-0624 https://plugins.trac.wordpress.org/browser/paid-memberships-pro/trunk/includes/services.php#L139 https://plugins.trac.wordpress.org/changeset/3025164/paid-memberships-pro/tags/2.12.8/includes/services.php https://www.wordfence.com/threat-intel/vulnerabilities/id/ae68d083-b6e2-409b-8c91-d4eb7e62dba9?source=cve • CWE-352: Cross-Site Request Forgery (CSRF) •