Description

WordPress Plugin Membership & Content Restriction-Paid Member Subscriptions is prone to multiple unspecified vulnerabilities. No available information exists regarding these issues and their impact on a vulnerable website. WordPress Plugin Membership & Content Restriction-Paid Member Subscriptions version 1.4.0 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 1.4.1 or latest

References

https://wordpress.org/plugins/paid-member-subscriptions/changelog/

Related Vulnerabilities

Moodle Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-5013)

Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8384)

Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20401)

WordPress Plugin Digital Publications by Supsystic Multiple Vulnerabilities (1.6.9)

WordPress Plugin Comments-wpDiscuz Cross-Site Request Forgery (7.3.3)

Severity

High

Tags

Missing Update