Summary
The Paid Memberships Pro plugin for WordPress is prone to an information- disclosure vulnerability because it fails to sufficiently validate user- supplied data.
An attacker can exploit this issue to obtain sensitive information that may aid in further attacks.
Paid Memberships Pro 1.4.7 is vulnerable
other versions may also
be affected.
Solution
Vendor updates are available. Please see the references for more information.
References
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Adobe BlazeDS XML and XML External Entity Injection Vulnerabilities
- Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
- AdaptCMS Lite Cross Site Scripting and Remote File Include Vulnerabilities
- 1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
- Apache ActiveMQ Source Code Information Disclosure Vulnerability