CVE-2020-5579: SQL Injection
First published: Wed May 20 2020(Updated: )
SQL injection vulnerability in the Paid Memberships versions prior to 2.3.3 allows attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Strangerstudios Paid Memberships Pro | <2.3.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-5579?
The severity of CVE-2020-5579 is high with a severity value of 7.2.
What is CVE-2020-5579?
CVE-2020-5579 is a SQL injection vulnerability in the Paid Memberships plugin for WordPress versions prior to 2.3.3.
How does CVE-2020-5579 affect the Paid Memberships plugin?
CVE-2020-5579 allows an attacker with administrator rights to execute arbitrary SQL commands through unspecified vectors.
How can I fix CVE-2020-5579?
To fix CVE-2020-5579, you need to update the Paid Memberships plugin to version 2.3.3 or higher.
Where can I find more information about CVE-2020-5579?
You can find more information about CVE-2020-5579 at the following references: [Reference 1](https://jvn.jp/en/jp/JVN20248858/index.html) and [Reference 2](https://www.paidmembershipspro.com/pmpro-update-2-3-3-security-release/).
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/tags
- agent/event
- vendor/strangerstudios
- canonical/strangerstudios paid memberships pro