Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Associated Vulnerability
Clear Filters
Found 37 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-1046 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.14.3 - Authenticated (Contributor+) Stored Cross-Site Scripting properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-02-05 21:21:51 Deep Dive
CVE-2022-45083 WordPress ProfilePress Plugin <= 4.3.2 is vulnerable to PHP Object Injection ProfilePress Membership TeamPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.6 2024-01-19 14:37:19 Deep Dive
CVE-2023-44150 WordPress ProfilePress Plugin <= 4.13.2 is vulnerable to Sensitive Data Exposure ProfilePress Membership TeamPaid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress High 7.5 2023-11-30 14:50:36 Deep Dive
CVE-2023-23830 WordPress ProfilePress Plugin <= 4.5.4 is vulnerable to Cross Site Scripting (XSS) ProfilePress Membership TeamProfilePress High 7.1 2023-05-03 15:15:27 Deep Dive
CVE-2023-23820 WordPress ProfilePress Plugin <= 4.5.4 is vulnerable to Cross Site Scripting (XSS) ProfilePress Membership TeamProfilePress Medium 6.5 2023-05-03 12:39:09 Deep Dive
CVE-2023-23996 WordPress ProfilePress Plugin <= 4.5.3 is vulnerable to Cross Site Scripting (XSS) ProfilePress Membership TeamProfilePress Medium 5.9 2023-04-06 07:46:41 Deep Dive
CVE-2022-47444 WordPress ProfilePress Plugin <= 4.4.1 is vulnerable to Cross Site Scripting (XSS) ProfilePress Membership TeamPaid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress High 7.1 2023-03-29 12:35:45 Deep Dive
CVE-2022-4697 ProfilePress <= 4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 5.5 2022-12-23 15:11:46 Deep Dive
CVE-2022-4698 ProfilePress <= 4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Form Settings properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 5.5 2022-12-23 15:09:51 Deep Dive
CVE-2021-24955 ProfilePress < 3.2.3 - Reflected Cross-Site Scripting UnknownUser Registration, Login Form, User Profile & Membership – ProfilePress (Formerly WP User Avatar) 中危 -2021-12-13 10:41:29 Deep Dive
CVE-2021-24954 ProfilePress < 3.2.3 - Reflected Cross-Site Scripting UnknownUser Registration, Login Form, User Profile & Membership – ProfilePress (Formerly WP User Avatar) 中危 -2021-12-13 10:41:28 Deep Dive
CVE-2021-24522 ProfilePress < 3.1.11 - Unauthenticated Cross-Site Scripting (XSS) in tabbed login/register widget UnknownUser Registration, User Profile, Login & Membership – ProfilePress (Formerly WP User Avatar) 中危 -2021-08-09 10:04:15 Deep Dive
CVE-2021-24450 ProfilePress < 3.1.8 - Authenticated Stored XSS UnknownUser Registration, User Profiles, Login & Membership – ProfilePress (Formerly WP User Avatar) 中危 -2021-08-02 10:32:00 Deep Dive
CVE-2021-34624 ProfilePress 3.0 - 3.1.3 - Arbitrary File Upload in File Uploader Component ProfilePressProfilePress Critical 9.8 2021-07-07 12:21:22 Deep Dive
CVE-2021-34621 ProfilePress 3.0 - 3.1.3 - Unauthenticated Privilege Escalation ProfilePressProfilePress Critical 9.8 2021-07-07 12:21:16 Deep Dive
CVE-2021-34623 ProfilePress 3.0 - 3.1.3 - Arbitrary File Upload in Image Uploader Component ProfilePressProfilePress Critical 9.8 2021-07-07 12:21:11 Deep Dive
CVE-2021-34622 ProfilePress 3.0 - 3.1.3 - Authenticated Privilege Escalation ProfilePressProfilePress Critical 9.8 2021-07-07 12:20:58 Deep Dive