Unrated severityNVD Advisory· Published Mar 20, 2023· Updated Feb 26, 2025
Paid Memberships Pro < 2.9.12 - Subscriber+ SQL Injection
CVE-2023-0631
Description
The Paid Memberships Pro WordPress plugin before 2.9.12 does not prevent subscribers from rendering shortcodes that concatenate attributes directly into an SQL query.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: < 2.9.12
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/19ef92fd-b493-4488-91f0-e6ba51362f79mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.