Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
High-Risk SQLi Flaw Exposes WordPress Memberships Plugin Users
Malware and Vulnerabilities
September 01, 2025
infosecurity-magazine
A critical unauthenticated SQL injection vulnerability has been discovered in the WordPress Paid Membership Subscriptions plugin, affecting versions up to 2.15.1. It allows unauthenticated attackers to inject malicious SQL queries into the database.
Read More
WordPress
SQL injection
CVE-2025-49870
Paid Membership Subscriptions Plugin
Web Application Security
Publisher
Previous
Spanish government cancels €10m contract using Huawei e ...
Govt., Critical Infrastructure
Next
Crooks exploit Meta malvertising to target Android user ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/a491_shutterstock_1255799719.jpg)
/https://cyware-ent.s3.amazonaws.com/public_image/securityaffairse7f96144-4875-45c3-ae03-5962a9ad0e26.png)
