Strangerstudios Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions
8 CVEs affecting Strangerstudios Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions. Latest disclosed: 2026-05-02. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-6187 | High | 7.5 | 2023-11-18 | The Paid Memberships Pro plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'pmpro_paypalexpress_sess… |
CVE-2026-4100 | High | 7.1 | 2026-05-02 | The Paid Memberships Pro plugin for WordPress is vulnerable to unauthorized modification and disruption of Stripe webhook configuration in all versions up to… |
CVE-2024-1407 | Medium | 5.4 | 2024-06-19 | The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all… |
CVE-2024-3215 | Medium | 5.3 | 2024-05-02 | The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all… |
CVE-2024-0624 | Medium | 5.3 | 2024-01-25 | The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all… |
CVE-2023-6855 | Medium | 5.3 | 2024-01-11 | The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to unauthorized modification of memb… |
CVE-2024-0588 | Medium | 4.3 | 2024-04-09 | The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all… |
CVE-2020-36754 | Medium | 4.3 | 2023-10-20 | The Paid Memberships Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.2. This is due to missing or i… |