Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-20	CVE-2023-23488	SQL Injection vulnerability in Strangerstudios Paid Memberships PRO The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affected by an unauthenticated SQL injection vulnerability in the 'code' parameter of the '/pmpro/v1/order' REST route. network low complexity strangerstudios CWE-89 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.