Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Vulnerability List - Page 15

Clear Filters
Found 621 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-11083 ProfilePress <= 4.15.18 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 5.3 2024-11-27 05:31:54 Deep Dive
CVE-2024-11818 PHPGurukul User Registration & Login and User Management System signup.php sql injection PHPGurukulUser Registration & Login and User Management System High 7.3 2024-11-26 23:31:05 Deep Dive
CVE-2024-11817 PHPGurukul User Registration & Login and User Management System index.php sql injection PHPGurukulUser Registration & Login and User Management System High 7.3 2024-11-26 23:00:10 Deep Dive
CVE-2024-10537 WP User Manager – User Profile Builder & Membership <= 2.9.11 - Missing Authorization to Authenticated (Subscriber+) User Meta Key Enumeration wpusermanagerWP User Manager – User Profile Builder & Membership Medium 4.3 2024-11-23 03:25:51 Deep Dive
CVE-2024-10216 WP User Manager – User Profile Builder & Membership <= 2.9.11 - Missing Authorization to Carbon Fields Custom Sidebar Addition/Removal wpusermanagerWP User Manager – User Profile Builder & Membership Medium 4.3 2024-11-23 03:25:48 Deep Dive
CVE-2024-10788 Activity Log – Monitor & Record User Changes <= 2.11.1 - Unauthenticated Stored Cross-Site Scripting via Event Context elemntorActivity Log – Monitor & Record User Changes High 7.2 2024-11-21 05:33:50 Deep Dive
CVE-2024-10528 Ultimate Member <= 2.8.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Profile Picture Update ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Medium 4.3 2024-11-21 05:33:49 Deep Dive
CVE-2024-11197 Lock User Account <= 1.0.5 - User Lock Bypass babatechsLock User Account Medium 4.2 2024-11-21 02:06:35 Deep Dive
CVE-2024-10900 ProfileGrid – User Profiles, Groups and Communities <= 5.9.3.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Meta Deletion metagaussProfileGrid – User Profiles, Groups and Communities Medium 6.5 2024-11-20 06:42:54 Deep Dive
CVE-2024-51686 WordPress Manage User Columns plugin <= 1.0.5 - Cross Site Request Forgery (CSRF) vulnerability Deepak KhokharManage User Columns Medium 4.3 2024-11-19 16:32:36 Deep Dive
CVE-2024-51889 WordPress Fancy User List plugin <= 3.1 - Stored Cross Site Scripting (XSS) vulnerability GeroNikolovFancy User List Medium 6.5 2024-11-19 16:31:14 Deep Dive
CVE-2024-52403 WordPress User Management plugin <= 1.1 - Arbitrary File Upload vulnerability Saad IqbalUser Management Critical 9.9 2024-11-16 21:53:10 Deep Dive
CVE-2024-11150 WordPress User Extra Fields <= 16.6 - Unauthenticated Arbitrary File Deletion vanquishWordPress User Extra Fields Critical 9.8 2024-11-13 04:29:07 Deep Dive
CVE-2024-10800 WordPress User Extra Fields <= 16.6 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation vanquishWordPress User Extra Fields High 8.8 2024-11-13 04:29:06 Deep Dive
CVE-2024-51714 WordPress User Password Reset plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability techdabangUser Password Reset High 7.1 2024-11-09 11:58:04 Deep Dive
CVE-2024-10508 RegistrationMagic – User Registration Plugin with Custom Registration Forms <= 6.0.2.6 - Unauthenticated Privilege Escalation via Password Recovery metagaussRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login Critical 9.8 2024-11-09 07:35:08 Deep Dive
CVE-2024-10801 WordPress User Extra Fields <= 16.5 - Unauthenticated Arbitrary File Upload vanquishWordPress User Extra Fields Critical 9.8 2024-11-09 07:35:06 Deep Dive
CVE-2024-9262 User Meta – User Profile Builder and User management plugin <= 3.1.1 - Insecure Direct Object Reference to Sensitive Information Exposure khaledsaikatUser Meta – User Profile Builder and User management plugin Medium 6.5 2024-11-09 02:03:03 Deep Dive
CVE-2024-37209 WordPress User Rights Access Manager plugin <= 1.1.2 - Broken Access Control vulnerability Prism IT SystemsUser Rights Access Manager Medium 6.5 2024-11-01 14:22:45 Deep Dive
CVE-2024-37453 WordPress ProfileGrid – User Profiles, Groups and Communities plugin <= 5.8.7 - Broken Access Control vulnerability ProfileGrid User ProfilesProfileGrid Medium 4.3 2024-11-01 14:18:21 Deep Dive