Paid Member Subscriptions

Cozmoslabs

Developer

3.0.1

Latest version

10,000

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

15 patched

6 Mitigation rules

Insecure Direct Object References (IDOR) vulnerability
<= 2.16.8
Feb 11, 2026
WordPress Paid Membership Subscriptions - Effortless Memberships, Recurring Payments & Content Restriction plugin <= 2.11.1 - Missing Authorization via pms_stripe_connect_handle_authorization_return vulnerability
<= 2.11.1
Feb 2, 2026
Missing Authorization to Unauthenticated Arbitrary Member Subscription Auto Renewal vulnerability
<= 2.16.4
Nov 5, 2025
Broken Access Control Vulnerability
<= 2.15.9
Sep 3, 2025
Local File Inclusion Vulnerability
<= 2.15.4
Jul 29, 2025
SQL Injection Vulnerability
<= 2.15.1
Jul 3, 2025
Cross Site Scripting (XSS) Vulnerability
<= 2.14.3
Mar 28, 2025
Authentication Bypass via pms_payment_id vulnerability
<= 2.13.7
Jan 13, 2025
Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability
<= 2.13.4
Dec 18, 2024
Unauthenticated Arbitrary Shortcode Execution vulnerability
<= 2.13.0
Nov 26, 2024
Reflected Cross-Site Scripting vulnerability
<= 2.12.8
Oct 2, 2024
Cross Site Request Forgery (CSRF) vulnerability
<= 2.11.0
Apr 22, 2024
Missing Authorization via creating_pricing_table_page vulnerability
<= 2.11.1
Feb 14, 2024
Cross Site Request Forgery (CSRF) vulnerability
<= 2.10.4
Dec 27, 2023
Reflected Cross-Site Scripting (XSS) vulnerability
<= 2.4.1
Jul 26, 2021