VYPR
Unrated severityNVD Advisory· Published Mar 20, 2023· Updated Feb 26, 2025

Paid Memberships Pro < 2.9.12 - Subscriber+ SQL Injection

CVE-2023-0631

Description

The Paid Memberships Pro WordPress plugin before 2.9.12 does not prevent subscribers from rendering shortcodes that concatenate attributes directly into an SQL query.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.