CVE-2021-20678

SQL injection vulnerability in the Paid Memberships Pro versions prior to 2.5.6 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.

Date published : 2021-03-17

https://jvn.jp/en/jp/JVN08191557/index.html

https://wordpress.org/plugins/paid-memberships-pro/