Vulnerabilities > Strangerstudios > Paid Memberships PRO > 2.12.10

DATE CVE VULNERABILITY TITLE RISK
2024-11-01 CVE-2024-37277 Unspecified vulnerability in Strangerstudios Paid Memberships PRO
Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Paid Memberships Pro: from n/a through 3.0.4.
network
low complexity
strangerstudios
critical
 9.8
9.8
2024-05-02 CVE-2024-3215 Cross-Site Request Forgery (CSRF) vulnerability in Strangerstudios Paid Memberships PRO
The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.1.
network
low complexity
strangerstudios CWE-352
4.3
4.3
2024-04-24 CVE-2024-32793 Unspecified vulnerability in Strangerstudios Paid Memberships PRO
Cross-Site Request Forgery (CSRF) vulnerability in Paid Memberships Pro.This issue affects Paid Memberships Pro: from n/a through 2.12.10.
network
low complexity
strangerstudios
8.8
8.8
2024-04-24 CVE-2024-32794 Unspecified vulnerability in Strangerstudios Paid Memberships PRO
Cross-Site Request Forgery (CSRF) vulnerability in Paid Memberships Pro.This issue affects Paid Memberships Pro: from n/a through 2.12.10.
network
low complexity
strangerstudios
8.8
8.8