CVE-2021-20678

Click the icon to Follow me:- twitterTelegramRedditDiscord

Summary:

SQL injection vulnerability in the Paid Memberships Pro versions prior to 2.5.6 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.

Reference Links(if available):

  • https://www.paidmembershipspro.com/pmpro-update-2-5-6/
  • https://wordpress.org/plugins/paid-memberships-pro/
  • https://jvn.jp/en/jp/JVN08191557/index.html
  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)