Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Vulnerability List - Page 7

Clear Filters
Found 204 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-2867 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.4 - Authenticated (Contributor+) Stored Cross-Site Scripting properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-05-02 16:52:05 Deep Dive
CVE-2024-3210 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'reg-single-checkbox' properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-04-10 05:32:23 Deep Dive
CVE-2024-1991 RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.0.0 - Authenticated (Subscriber+) Privilege Escalation metagaussRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login High 8.8 2024-04-09 18:58:59 Deep Dive
CVE-2024-0588 Paid Memberships Pro <= 2.12.10 - Cross-Site Request Forgery strangerstudiosPaid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions Medium 4.3 2024-04-09 18:58:55 Deep Dive
CVE-2024-1990 RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.1.0 - Authenticated (Contributor+) SQL Injection via Shortcode metagaussRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login High 8.8 2024-04-09 18:58:52 Deep Dive
CVE-2024-2423 UsersWP <= 1.2.6 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode stiofansislandUsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP Medium 6.4 2024-04-09 18:58:42 Deep Dive
CVE-2023-27459 WordPress User Registration plugin <= 2.3.2.1 - Authenticated PHP Object Injection vulnerability WPEverestUser Registration High 7.4 2024-03-26 20:01:36 Deep Dive
CVE-2024-1806 ProfilePress <= 4.15.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via profilepress-edit-profile Shortcode properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-03-13 15:27:17 Deep Dive
CVE-2024-1409 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via [reg-select-role] Shortcode properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-03-13 15:26:49 Deep Dive
CVE-2024-1535 ProfilePress <= 4.15.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-03-13 15:26:44 Deep Dive
CVE-2024-1158 Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.7 - Missing Authorization themekraftPost Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) Medium 4.3 2024-03-13 15:26:35 Deep Dive
CVE-2024-1071 WordPress Plugin Ultimate Member 安全漏洞 ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Critical 9.8 2024-03-13 15:26:32 Deep Dive
CVE-2024-2123 Ultimate Member <= 2.8.3 - Unauthenticated Stored Cross-Site Scripting ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin High 7.2 2024-03-13 09:35:15 Deep Dive
CVE-2024-1290 Formidable Registration < 2.12 - Contributor+ Arbitrary User Password Reset To Account Takeover UnknownUser Registration--2024-03-11 17:56:06 Deep Dive
CVE-2024-1169 Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.7 - Missing Authorization to Unauthenticated Media Upload themekraftPost Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) High 7.5 2024-03-07 11:01:58 Deep Dive
CVE-2024-1170 Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.7 - Missing Authorization to Unauthenticated Media Deletion themekraftPost Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) High 8.2 2024-03-07 11:01:58 Deep Dive
CVE-2024-1720 User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.1.4 - Unauthenticated Stored Self-Based Cross-Site Scripting wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Medium 4.7 2024-03-07 05:32:39 Deep Dive
CVE-2024-1408 ProfilePress <= 4.14.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via [edit-profile-text-box] shortcode properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-02-20 18:56:34 Deep Dive
CVE-2024-1519 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.14.4 - Unauthenticated Stored Cross-Site Scripting properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.5 2024-02-20 18:56:31 Deep Dive
CVE-2024-1570 ProfilePress <= 4.14.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-02-20 18:56:30 Deep Dive