CVE-2024-0624 | Paid Memberships Pro Plugin up to 2.12.7 on WordPress Level Orders Update cross-site request forgery

Posted by Angelo Barbosa | Jan 24, 2024 | CVE

A vulnerability classified as problematic was found in Paid Memberships Pro Plugin up to 2.12.7 on WordPress. Affected by this vulnerability is an unknown functionality of the component Level Orders Update Handler. The manipulation leads to cross-site request forgery.

This vulnerability is known as CVE-2024-0624. The attack can be launched remotely. There is no exploit available.

CVE-2024-0624 | Paid Memberships Pro Plugin up to 2.12.7 on WordPress Level Orders Update cross-site request forgery

Related Posts

CVE-2024-36050 | NixOS Nix up to 2.22.1 Hash Cache code injection (Issue 969)

CVE-2024-34020 | hcode up to 2.1 mail.c putSDN stack-based overflow

CVE-2022-46486 | Scontain SCONE up to 5.7.x on Intel SGX __scone_dispatch information disclosure

CVE-2024-33820 | Totolink AC1200 4.0.0-B20230531.1404 formWlEncrypt wlan_ssid buffer overflow