Paid Memberships Pro < 3.0 – Cross-Site Request Forgery | CVE 2024-0588 | Plugin Vulnerabilities

Description

The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.12.10. This is due to missing nonce validation on the pmpro_lifter_save_streamline_option() function. This makes it possible for unauthenticated attackers to enable the streamline setting with Lifter LMS via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Affects Plugins

paid-memberships-pro

Fixed in 3.0

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/6fd87d34-2e7f-4c75-8816-b39820309077

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CVSS

Miscellaneous

Original Researcher

kodaichodai

Verified

No

WPVDB ID

f59e814d-3c52-4159-96f4-fba3d5238eb8

Timeline

Publicly Published

2024-03-25 (about 2 years ago)

Added

2024-03-25 (about 2 years ago)

Last Updated

2024-03-25 (about 2 years ago)

Other

Published

Title

Published

2024-07-12

Title

Oceanic <= 1.0.53 - Cross-Site Request Forgery

Published

2022-06-09

Title

Toolbar To Share <= 2.0 - Stored Cross-Site Scripting via CSRF

Published

2023-06-16

Title

Recent Posts Slider <= 1.1 - Cross-Site Request Forgery

Published

2023-02-28

Title

WP Film Studio < 1.3.5 - Arbitrary Plugin Activation via CSRF

Published

2023-07-05

Title

ShopLentor < 2.6.3 - Settings Update via CSRF