exploitDog

GHSA-c7j2-766v-p4pp

Опубликовано: 20 мар. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

The Paid Memberships Pro WordPress plugin before 2.9.12 does not prevent subscribers from rendering shortcodes that concatenate attributes directly into an SQL query.

The Paid Memberships Pro WordPress plugin before 2.9.12 does not prevent subscribers from rendering shortcodes that concatenate attributes directly into an SQL query.

Ссылки

EPSS

Процентиль: 99%

0.80128

Высокий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2023-0631

CVSS3: 8.8

nvd

почти 3 года назад

The Paid Memberships Pro WordPress plugin before 2.9.12 does not prevent subscribers from rendering shortcodes that concatenate attributes directly into an SQL query.

EPSS

Процентиль: 99%

0.80128

Высокий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-89