WordPress Paid Memberships Pro Plugin 'memberslist-csv.php' Information Disclosure Vulnerability
7 Aug. 2012
Summary
The Paid Memberships Pro plugin for WordPress is prone to an information-disclosure vulnerability because it fails to sufficiently validate user-supplied data.
Vulnerable Systems:
* WordPress Paid Memberships Pro Plugin 'memberslist-csv.php' Information Disclosure Vulnerability
An attacker can exploit this issue to obtain sensitive information that may aid in further attacks.
Paid Memberships Pro 1.4.7 is vulnerable; other versions may also be affected.
Vendor Status:
Currently we are not aware of any vendor-supplied patches