Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Cozmoslabs Subscribe
Filtered by product Membership \& Content Restriction - Paid Member Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-24728 1 Cozmoslabs 1 Membership \& Content Restriction - Paid Member Subscriptions 2023-12-10 6.5 MEDIUM 8.8 HIGH
The Membership & Content Restriction – Paid Member Subscriptions WordPress plugin before 2.4.2 did not sanitise, validate or escape its order and orderby parameters before using them in SQL statement, leading to Authenticated SQL Injections in the Members and Payments pages.