CVE-2021-20678

Summary

SQL injection vulnerability in the Paid Memberships Pro versions prior to 2.5.6 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.

Affected Software

VendorProductVersion RangeStatus
Stranger StudiosPaid Memberships Proversions prior to 2.5.6affected

Weaknesses

  • SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References