CVE 2020-5579
SQL injection vulnerability in the Paid Memberships versions prior to 2.3.3 allows attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors.
See the
CVE page on Mitre.org
for more details.