A vulnerability, which was classified as critical, has been found in Memberpress Plugin up to 1.11.29 on WordPress. Affected by this issue is the function
mepr-user-file
of the component Shortcode Handler. The manipulation leads to server-side request forgery.
This vulnerability is handled as CVE-2024-5031. The attack can only be done within the local network. There is no exploit available.