SQL Injection Vulnerability in Paid Memberships Plugin (Versions Prior to 2.3.3) Allows Arbitrary SQL Command Execution

SQL Injection Vulnerability in Paid Memberships Plugin (Versions Prior to 2.3.3) Allows Arbitrary SQL Command Execution

CVE-2020-5579 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

SQL injection vulnerability in the Paid Memberships versions prior to 2.3.3 allows attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors.

Learn more about our Web Application Penetration Testing UK.