CVE-2021-20678

Name of the Vulnerable Software and Affected Versions: Paid Memberships Pro versions prior to 2.5.6

Description: The issue allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. This can be exploited by attackers to manipulate database queries, potentially leading to unauthorized data access or modification.

Recommendations: For versions prior to 2.5.6, update to version 2.5.6 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive database operations to minimize the risk of exploitation.