Back
WordPress Paid Memberships Pro plugin <= 2.5.2 - Insecure Direct Object Reference & sensitive information disclosure vulnerability
- Product
- Paid Memberships Pro
- Description
- Insecure Direct Object Reference & sensitive information disclosure vulnerability found in WordPress Paid Memberships Pro plugin (versions <= 2.5.2).
- Solution
- Update the WordPress Paid Memberships Pro plugin to the latest available version (at least 2.5.3).
- Classification
-
Type Information Disclosure
OWASP Top 10 A4: Insecure Direct Object References
- References
-
Changeset
Plugin changelog
- CVE
- Name CVE-N/A
- Versions
-
Affected In
<= 2.5.2
Fixed In 2.5.3
- Disclosure date
- 2021-02-06