Paid Memberships Pro
N/A
Developer
N/A
Latest version
N/A
Installations
N/A
Last updated
Vulnerability history
0 present
25 patched
6 Mitigation rules
- Cross-Site Request Forgery to Level Orders Update vulnerability<= 2.12.703/02/2026
- Contributor+ Arbitrary User Custom Field Disclosure vulnerability< 2.12.930/01/2026
- Authenticated SQL Injection vulnerability<= 3.0.504/07/2024
- Insecure Direct Object References (IDOR) vulnerability<= 3.0.428/06/2024
- Cross-Site Request Forgery to Membership Modification vulnerability<= 2.12.1019/06/2024
- Cross Site Request Forgery (CSRF) vulnerability<= 2.12.1022/04/2024
- Cross Site Request Forgery (CSRF) vulnerability<= 2.12.1022/04/2024
- Cross-Site Request Forgery vulnerability<= 3.0.116/04/2024
- Cross-Site Request Forgery vulnerability<= 2.12.1011/04/2024
- Cross-Site Request Forgery vulnerability<= 2.12.1011/04/2024
- Authenticated (Contributor+) User Meta Disclosure vulnerability<= 2.12.812/02/2024
- Information Exposure in Debug Logs vulnerability<= 2.12.615/01/2024
- Missing Authorization via API vulnerability<= 2.12.521/12/2023
- Auth. SQL Injection (SQLi) vulnerability<= 2.9.1128/02/2023
- Contributor+ Stored XSS via Shortcode vulnerability< 2.9.923/01/2023
- Unauthenticated SQL Injection Vulnerability<= 2.9.714/01/2023
- Unauthenticated Blind SQL Injection (SQLi) vulnerability<= 2.6.607/01/2022
- Reflected Cross-Site Scripting (XSS) vulnerability<= 2.6.523/11/2021
- Insecure Direct Object Reference & sensitive information disclosure vulnerability<= 2.5.206/02/2021
- Authenticated Cross-Site Scripting (XSS) vulnerability<= 2.503/12/2020
- Cross-Site Request Forgery (CSRF) vulnerability<= 2.4.216/09/2020
- Authenticated SQL Injection (SQLi) vulnerability<= 2.3.219/05/2020
- Authenticated Open Redirect vulnerability<= 2.0.511/06/2019
- Directory Traversal<= 1.7.1413/11/2014
- Information Disclosure<= 1.4.701/08/2014