| CVE-2024-11153 | Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More <= 2.5.0 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure | danieliser | Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More | Medium | 5.3 | 2025-03-05 11:22:11 | Deep Dive |
| CVE-2024-13120 | ProfilePress < 4.15.20 - Admin+ Stored XSS | Unknown | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content | 中危 | - | 2025-02-13 06:00:12 | Deep Dive |
| CVE-2024-13121 | Paid Membership Plugin < 4.15.20 - Admin+ Stored XSS | Unknown | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content | 中危 | - | 2025-02-13 06:00:12 | Deep Dive |
| CVE-2024-13119 | ProfilePress < 4.15.20 - Admin+ Stored XSS | Unknown | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content | 中危 | - | 2025-02-13 06:00:06 | Deep Dive |
| CVE-2024-13530 | Custom Login Page Styler <= 7.1.1 - Missing Authorization to Authenticated (Subsciber+) Log Deletion and Session Termination | zia-imtiaz | Login Page Styler – Custom WordPress Login Page Customizer & Security | Medium | 4.3 | 2025-01-31 07:23:40 | Deep Dive |
| CVE-2024-11090 | Membership Plugin – Restrict Content <= 3.2.13 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure | stellarwp | Membership Plugin – Restrict Content | Medium | 5.3 | 2025-01-26 06:41:21 | Deep Dive |
| CVE-2025-24610 | WordPress Restrict Anonymous Access Plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability | Christian Leuenberg | Restrict Anonymous Access | Medium | 6.5 | 2025-01-24 17:24:37 | Deep Dive |
| CVE-2024-10518 | ProfilePress < 4.15.15 - Admin+ Stored XSS | Unknown | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content | 中危 | - | 2024-12-12 06:00:18 | Deep Dive |
| CVE-2024-10517 | ProfilePress < 4.15.15 - Admin+ Stored XSS | Unknown | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content | 中危 | - | 2024-12-12 06:00:17 | Deep Dive |
| CVE-2024-11351 | Restrict – membership, site, content and user access restrictions for WordPress <= 2.2.8 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure | tickera | Restrict – membership, site, content and user access restrictions for WordPress | Medium | 5.3 | 2024-12-11 12:24:19 | Deep Dive |
| CVE-2024-11106 | Simple Restrict <= 1.2.7 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure | wpchill | Simple Restrict | Medium | 5.3 | 2024-12-10 11:09:12 | Deep Dive |
| CVE-2024-11083 | ProfilePress <= 4.15.18 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure | properfraction | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress | Medium | 5.3 | 2024-11-27 05:31:54 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-0910 | Restrict for Elementor <= 1.0.7 - Protection Mechanism Bypass | restrict | Restrict for Elementor | Medium | 5.3 | 2024-06-06 02:02:55 | Deep Dive |
| CVE-2024-2861 | ProfilePress <= 4.15.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via ProfilePress User Panel Widget | properfraction | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress | Medium | 6.4 | 2024-05-23 09:32:33 | Deep Dive |
| CVE-2024-0615 | Content Control <= 2.1.0 - Missing Authorization to Sensitive Information Exposure | danieliser | Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More | Medium | 5.3 | 2024-05-02 16:52:28 | Deep Dive |
| CVE-2024-2867 | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | properfraction | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress | Medium | 6.4 | 2024-05-02 16:52:05 | Deep Dive |
| CVE-2024-31432 | WordPress Restrict Content plugin <= 3.2.8 - Broken Access Control vulnerability | StellarWP | Restrict Content | Medium | 5.3 | 2024-04-15 09:31:09 | Deep Dive |
| CVE-2024-3210 | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'reg-single-checkbox' | properfraction | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress | Medium | 6.4 | 2024-04-10 05:32:23 | Deep Dive |
| CVE-2024-29138 | WordPress Restrict User Access plugin <= 2.5 - Reflected Cross Site Scripting (XSS) vulnerability | Joachim Jensen | Restrict User Access – Membership Plugin with Force | High | 7.1 | 2024-03-19 13:40:40 | Deep Dive |