Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Associated Vulnerability
Clear Filters
Found 37 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-4949 ProfilePress <= 4.16.12 - Missing Authorization to Authenticated (Subscriber+) Inactive Membership Plan Subscription properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 4.3 2026-04-15 22:26:06 Deep Dive
CVE-2026-3309 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.16.11 - Unauthenticated Arbitrary Shortcode Execution via Checkout Billing Fields properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.5 2026-04-04 11:16:15 Deep Dive
CVE-2026-3445 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.16.11 - Missing Authorization to Authenticated (Subscriber+) Membership Payment Bypass properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress High 7.1 2026-04-04 08:25:20 Deep Dive
CVE-2026-3453 ProfilePress <= 4.16.11 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Subscription Cancellation/Expiration properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress High 8.1 2026-03-11 02:22:46 Deep Dive
CVE-2025-13642 ProfilePress <= 4.16.7 - Authenticated (Subscriber+) Arbitrary Shortcode Execution properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 5.4 2025-12-09 15:23:48 Deep Dive
CVE-2025-8878 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.16.4 - Unauthenticated Arbitrary Shortcode Execution properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.5 2025-08-16 11:11:24 Deep Dive
CVE-2023-41953 WordPress ProfilePress plugin <= 4.13.1 - Broken Access Control vulnerability ProfilePress Membership TeamProfilePress Medium 5.3 2024-12-09 13:16:50 Deep Dive
CVE-2023-50882 WordPress ProfilePress plugin <= 4.13.2 - Broken Access Control vulnerability properfractionProfilePress 中危 -2024-12-09 11:29:56 Deep Dive
CVE-2024-11083 ProfilePress <= 4.15.18 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 5.3 2024-11-27 05:31:54 Deep Dive
CVE-2024-9947 ProfilePress - Pro <= 4.11.1 - Authentication Bypass via WordPress.com OAuth provider ProfilePress TeamProfilePress Pro High 8.1 2024-10-23 06:45:06 Deep Dive
CVE-2024-2861 ProfilePress <= 4.15.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via ProfilePress User Panel Widget properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-05-23 09:32:33 Deep Dive
CVE-2023-41954 WordPress ProfilePress plugin <= 4.13.1 - Unauthenticated Limited Privilege Escalation vulnerability ProfilePress Membership TeamProfilePress High 8.6 2024-05-17 06:54:22 Deep Dive
CVE-2024-2867 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.4 - Authenticated (Contributor+) Stored Cross-Site Scripting properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-05-02 16:52:05 Deep Dive
CVE-2024-3210 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'reg-single-checkbox' properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-04-10 05:32:23 Deep Dive
CVE-2024-1806 ProfilePress <= 4.15.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via profilepress-edit-profile Shortcode properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-03-13 15:27:17 Deep Dive
CVE-2024-1409 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via [reg-select-role] Shortcode properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-03-13 15:26:49 Deep Dive
CVE-2024-1535 ProfilePress <= 4.15.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-03-13 15:26:44 Deep Dive
CVE-2024-1408 ProfilePress <= 4.14.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via [edit-profile-text-box] shortcode properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-02-20 18:56:34 Deep Dive
CVE-2024-1519 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.14.4 - Unauthenticated Stored Cross-Site Scripting properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.5 2024-02-20 18:56:31 Deep Dive
CVE-2024-1570 ProfilePress <= 4.14.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-02-20 18:56:30 Deep Dive