Browse all 10 CVE security advisories affecting strangerstudios. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Strangerstudios develops web applications and content management systems, with their products primarily serving as publishing platforms for digital media. Historically, their vulnerabilities have frequently included remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and access control issues. The organization has demonstrated inconsistent patch response times, with several critical vulnerabilities remaining unaddressed for extended periods. Their products have been exploited in multiple high-profile breaches, resulting in unauthorized data access and server compromises. Security researchers have noted recurring patterns of insecure default configurations and inadequate dependency management across their software portfolio.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-4100 | Paid Memberships Pro <= 3.6.5 - Missing Authorization to Authenticated (Subscriber+) Stripe Webhook Deletion and Payment Processing Disruption — Paid Memberships Pro – Content Restriction, User Registration, & Paid SubscriptionsCWE-862 | 7.1 | High | 2026-05-02 |
| CVE-2024-1407 | Paid Memberships Pro <= 2.12.10 - Cross-Site Request Forgery to Membership Modification — Paid Memberships Pro – Content Restriction, User Registration, & Paid SubscriptionsCWE-352 | 5.4 | Medium | 2024-06-19 |
| CVE-2024-3215 | Paid Memberships Pro <= 3.0.1 - Cross-Site Request Forgery — Paid Memberships Pro – Content Restriction, User Registration, & Paid SubscriptionsCWE-352 | 5.3 | Medium | 2024-05-02 |
| CVE-2024-0588 | Paid Memberships Pro <= 2.12.10 - Cross-Site Request Forgery — Paid Memberships Pro – Content Restriction, User Registration, & Paid SubscriptionsCWE-352 | 4.3 | Medium | 2024-04-09 |
| CVE-2024-0624 | Paid Memberships Pro <= 2.12.7 - Cross-Site Request Forgery to Level Orders Update — Paid Memberships Pro – Content Restriction, User Registration, & Paid SubscriptionsCWE-352 | 5.3 | Medium | 2024-01-25 |
| CVE-2023-6855 | Paid Memberships Pro <= 2.12.5 - Missing Authorization via API — Paid Memberships Pro – Content Restriction, User Registration, & Paid SubscriptionsCWE-862 | 5.3 | Medium | 2024-01-11 |
| CVE-2023-6187 | Paid Memberships Pro <= 2.12.3 - Authenticated (Subscriber+) Arbitrary File Upload — Paid Memberships Pro – Content Restriction, User Registration, & Paid SubscriptionsCWE-434 | 7.5 | High | 2023-11-18 |
| CVE-2020-36754 | Paid Memberships Pro <= 2.4.2 - Cross-Site Request Forgery Bypass — Paid Memberships Pro – Content Restriction, User Registration, & Paid SubscriptionsCWE-352 | 4.3 | Medium | 2023-10-20 |
This page lists every published CVE security advisory associated with strangerstudios. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.