WordPress Plugin Vulnerabilities

Paid Memberships Pro 1.8.4.2 - Cross-Site Scripting (XSS)

Description

The Paid Memberships Pro WordPress plugin was affected by a Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
paid-memberships-pro
Fixed in 1.8.4.3

References

CVE
CVE-2015-5532
URL
https://packetstormsecurity.com/files/#132812/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Submitter
pvdl
Verified
No
WPVDB ID
2c3aa6ce-5596-4463-bfe2-e66179d37ca5

Timeline

Publicly Published
2015-07-22 (about 10 years ago)
Added
2015-07-23 (about 10 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2022-12-27
Title
Sitemap < 4.4 - Contributor+ Stored XSS
Published
2025-10-17
Title
Related Posts Lite <= 1.12 - Authenticated (Admin+) Stored Cross-Site Scripting
Published
2021-08-11
Title
FV Flowplayer Video Player < 7.5.3.727 - Reflected Cross-Site Scripting
Published
2025-02-28
Title
Page Builder by SiteOrigin < 2.31.5 - Contributor+ Stored XSS
Published
2025-02-18
Title
Yay! Forms | Embed Custom Forms, Surveys, and Quizzes Easily < 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting