Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 336 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-1316 Event Tickets and Registration < 5.8.1 - Contributor+ Arbitrary Events Access UnknownEvent Tickets and Registration--2024-03-04 21:00:10 Deep Dive
CVE-2024-1053 Event Tickets and Registration <= 5.8.1 - Missing Authorization stellarwpEvent Tickets and Registration Medium 4.3 2024-02-22 05:32:49 Deep Dive
CVE-2024-1408 ProfilePress <= 4.14.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via [edit-profile-text-box] shortcode properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-02-20 18:56:34 Deep Dive
CVE-2024-1519 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.14.4 - Unauthenticated Stored Cross-Site Scripting properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.5 2024-02-20 18:56:31 Deep Dive
CVE-2024-1570 ProfilePress <= 4.14.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-02-20 18:56:30 Deep Dive
CVE-2024-1046 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.14.3 - Authenticated (Contributor+) Stored Cross-Site Scripting properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-02-05 21:21:51 Deep Dive
CVE-2024-0324 User Profile Builder <= 3.10.8 - Missing Authorization to Plugin Settings Change via wppb_two_factor_authentication_settings_update cozmoslabsUser Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor High 8.2 2024-02-05 21:21:37 Deep Dive
CVE-2023-51509 WordPress RegistrationMagic Plugin <= 5.2.4.1 is vulnerable to Cross Site Scripting (XSS) MetagaussRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login High 7.1 2024-02-01 11:24:54 Deep Dive
CVE-2024-22158 WordPress PeepSo Core: Photos Plugin < 6.3.1.0 is vulnerable to Cross Site Scripting (XSS) PeepSoCommunity by PeepSo – Social Network, Membership, Registration, User Profiles Medium 6.5 2024-01-31 18:15:01 Deep Dive
CVE-2024-0624 Paid Memberships Pro <= 2.12.7 - Cross-Site Request Forgery to Level Orders Update strangerstudiosPaid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions Medium 5.3 2024-01-25 01:55:03 Deep Dive
CVE-2022-45083 WordPress ProfilePress Plugin <= 4.3.2 is vulnerable to PHP Object Injection ProfilePress Membership TeamPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.6 2024-01-19 14:37:19 Deep Dive
CVE-2023-0824 UserPlus <= 2.0 - Stored XSS via CSRF UnknownUser registration & user profile--2024-01-16 15:56:28 Deep Dive
CVE-2023-6504 Profile Builder <= 3.10.7 - Insecure Direct Object Reference to Sensitive Information Exposure via user_meta Shortcode cozmoslabsUser Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor Medium 4.3 2024-01-11 08:33:09 Deep Dive
CVE-2023-6855 Paid Memberships Pro <= 2.12.5 - Missing Authorization via API strangerstudiosPaid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions Medium 5.3 2024-01-11 08:32:32 Deep Dive
CVE-2023-50846 WordPress RegistrationMagic Plugin <= 5.2.4.5 is vulnerable to SQL Injection RegistrationMagicRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login High 7.6 2023-12-28 18:19:26 Deep Dive
CVE-2023-6464 SourceCodester User Registration and Login System add-user.php sql injection SourceCodesterUser Registration and Login System Medium 6.3 2023-12-02 09:00:08 Deep Dive
CVE-2023-6463 SourceCodester User Registration and Login System add-user.php cross site scripting SourceCodesterUser Registration and Login System Low 3.5 2023-12-01 22:31:05 Deep Dive
CVE-2023-6462 SourceCodester User Registration and Login System delete-user.php cross site scripting SourceCodesterUser Registration and Login System Low 3.5 2023-12-01 21:31:04 Deep Dive
CVE-2023-48746 WordPress Community by PeepSo Plugin <= 6.2.6.0 is vulnerable to Cross Site Scripting (XSS) PeepSoCommunity by PeepSo – Social Network, Membership, Registration, User Profiles High 7.1 2023-11-30 16:25:31 Deep Dive
CVE-2023-44150 WordPress ProfilePress Plugin <= 4.13.2 is vulnerable to Sensitive Data Exposure ProfilePress Membership TeamPaid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress High 7.5 2023-11-30 14:50:36 Deep Dive