| CVE-2023-6855 | Paid Memberships Pro <= 2.12.5 - Missing Authorization via API | strangerstudios | Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | Medium | 5.3 | 2024-01-11 08:32:32 | Deep Dive |
| CVE-2022-36352 | WordPress ProfileGrid Plugin <= 5.0.3 is vulnerable to Broken Access Control | Profilegrid | ProfileGrid – User Profiles, Memberships, Groups and Communities | Medium | 6.3 | 2024-01-08 21:50:11 | Deep Dive |
| CVE-2022-34344 | WordPress Wholesale Suite Plugin <= 2.1.5 is vulnerable to Broken Access Control | Rymera Web Co | Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & More | Medium | 5.4 | 2024-01-08 21:13:45 | Deep Dive |
| CVE-2023-52200 | WordPress ARMember Plugin <= 4.0.22 is vulnerable to Cross Site Request Forgery (CSRF) leading to PHP Object Injection | Repute Infosystems | ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup | Critical | 9.6 | 2024-01-08 19:18:44 | Deep Dive |
| CVE-2023-52225 | WordPress Taggbox Plugin <= 3.1 is vulnerable to PHP Object Injection | Tagbox | Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics | Critical | 10.0 | 2024-01-08 17:13:22 | Deep Dive |
| CVE-2023-52181 | WordPress Theme per user Plugin <= 1.0.1 is vulnerable to PHP Object Injection | Presslabs | Theme per user | Critical | 10.0 | 2023-12-31 10:07:50 | Deep Dive |
| CVE-2023-50902 | WordPress New User Approve Plugin <= 2.5.1 is vulnerable to Cross Site Request Forgery (CSRF) | WPExpertsio | New User Approve | Medium | 4.3 | 2023-12-29 12:28:47 | Deep Dive |
| CVE-2023-50846 | WordPress RegistrationMagic Plugin <= 5.2.4.5 is vulnerable to SQL Injection | RegistrationMagic | RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login | High | 7.6 | 2023-12-28 18:19:26 | Deep Dive |
| CVE-2023-50858 | WordPress Anti Hacker Plugin <= 4.34 is vulnerable to Cross Site Request Forgery (CSRF) | Bill Minozzi | Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan | Medium | 5.4 | 2023-12-28 10:31:44 | Deep Dive |
| CVE-2023-47191 | WordPress Youzify Plugin <= 1.2.2 is vulnerable to Insecure Direct Object References (IDOR) | KaineLabs | Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress | Medium | 6.5 | 2023-12-21 18:26:53 | Deep Dive |
| CVE-2023-45603 | WordPress User Submitted Posts Plugin <= 20230902 is vulnerable to Arbitrary File Upload | Jeff Starr | User Submitted Posts – Enable Users to Submit Posts from the Front End | Critical | 9.0 | 2023-12-20 18:38:20 | Deep Dive |
| CVE-2023-33214 | WordPress Taggbox Plugin <= 3.1 is vulnerable to Cross Site Request Forgery (CSRF) | Tagbox | Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics | Medium | 5.4 | 2023-12-18 15:48:15 | Deep Dive |
| CVE-2023-47806 | WordPress Disable User Login Plugin <= 1.3.7 is vulnerable to Cross Site Request Forgery (CSRF) | Saint Systems | Disable User Login | Medium | 5.4 | 2023-12-18 15:45:28 | Deep Dive |
| CVE-2023-6464 | SourceCodester User Registration and Login System add-user.php sql injection | SourceCodester | User Registration and Login System | Medium | 6.3 | 2023-12-02 09:00:08 | Deep Dive |
| CVE-2023-6463 | SourceCodester User Registration and Login System add-user.php cross site scripting | SourceCodester | User Registration and Login System | Low | 3.5 | 2023-12-01 22:31:05 | Deep Dive |
| CVE-2023-6462 | SourceCodester User Registration and Login System delete-user.php cross site scripting | SourceCodester | User Registration and Login System | Low | 3.5 | 2023-12-01 21:31:04 | Deep Dive |
| CVE-2023-48746 | WordPress Community by PeepSo Plugin <= 6.2.6.0 is vulnerable to Cross Site Scripting (XSS) | PeepSo | Community by PeepSo – Social Network, Membership, Registration, User Profiles | High | 7.1 | 2023-11-30 16:25:31 | Deep Dive |
| CVE-2023-44150 | WordPress ProfilePress Plugin <= 4.13.2 is vulnerable to Sensitive Data Exposure | ProfilePress Membership Team | Paid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress | High | 7.5 | 2023-11-30 14:50:36 | Deep Dive |
| CVE-2023-47645 | WordPress RegistrationMagic Plugin <= 5.2.2.6 is vulnerable to Cross Site Request Forgery (CSRF) | RegistrationMagic | RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login | Medium | 4.3 | 2023-11-30 13:34:47 | Deep Dive |
| CVE-2023-47850 | WordPress Community by PeepSo Plugin <= 6.2.2.0 is vulnerable to Cross Site Scripting (XSS) | PeepSo | Community by PeepSo – Social Network, Membership, Registration, User Profiles | Medium | 6.5 | 2023-11-30 11:43:09 | Deep Dive |