{"id":"CVE-2021-25114","details":"The Paid Memberships Pro WordPress plugin before 2.6.7 does not escape the discount_code in one of its REST routes (available to unauthenticated users) before using it in a SQL statement, leading to a SQL injection.","modified":"2026-04-10T04:30:58.383344Z","published":"2022-02-07T16:15:46.240Z","references":[{"type":"ADVISORY","url":"https://www.paidmembershipspro.com/pmpro-update-2-6-7-security-release/"},{"type":"EVIDENCE","url":"https://wpscan.com/vulnerability/6c25a5f0-a137-4ea5-9422-8ae393d7b76b"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/strangerstudios/paid-memberships-pro","events":[{"introduced":"abb47327a43d4ae034d1be35f6abc1126478ae76"},{"fixed":"932abfb31ed813804756982dce3ee95640e041af"},{"introduced":"d0b35d76e38ba5c2eac9bdea3100b81ff32ba419"},{"fixed":"30918ac8ccf0ccd42a7ac518c3c606f65d8ee50f"},{"introduced":"043b1adc825ea81f7ad3305025e80fb0856e698a"},{"fixed":"59352fb4405bf7e1af99d6838cc2cfff180be660"}],"database_specific":{"versions":[{"introduced":"2.4"},{"fixed":"2.4.5"},{"introduced":"2.5"},{"fixed":"2.5.11"},{"introduced":"2.6"},{"fixed":"2.6.7"}]}}],"versions":["2.5.10","2.5.10.1","2.5.10.2","2.6","2.6.1","2.6.1.1","2.6.2","2.6.3","2.6.4","2.6.5","2.6.6","v2.4","v2.4.1","v2.4.2","v2.4.3","v2.4.4","v2.5","v2.5.1","v2.5.2","v2.5.4","v2.5.5","v2.5.6","v2.5.7","v2.5.8","v2.5.9","v2.5.9.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-25114.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}