Lucene search
WPScanCVELIST:CVE-2021-24728HistorySep 13, 2021 - 5:56 p.m.
CVE-2021-24728 Paid Member Subscriptions < 2.4.2 - Authenticated SQL Injection
2021-09-1317:56:44
CWE-89
WPScan
www.cve.org
3
cve-2021-24728
sql injection
wordpress plugin
The Membership & Content Restriction – Paid Member Subscriptions WordPress plugin before 2.4.2 did not sanitise, validate or escape its order and orderby parameters before using them in SQL statement, leading to Authenticated SQL Injections in the Members and Payments pages.
CNA Affected
[
{
"product": "Membership & Content Restriction – Paid Member Subscriptions",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.4.2",
"status": "affected",
"version": "2.4.2",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2021-24728
2021-09-13 18:15:19
prion
prion
Sql injection
2021-09-13 18:15:00
wpvulndb
wpvulndb
Paid Member Subscriptions < 2.4.2 - Authenticated SQL Injection
2021-08-06 00:00:00
cve
cve
CVE-2021-24728
2021-09-13 18:15:19
wpexploit
wpexploit
Paid Member Subscriptions < 2.4.2 - Authenticated SQL Injection
2021-08-06 00:00:00