Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 204 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-1046 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.14.3 - Authenticated (Contributor+) Stored Cross-Site Scripting properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.4 2024-02-05 21:21:51 Deep Dive
CVE-2024-0324 User Profile Builder <= 3.10.8 - Missing Authorization to Plugin Settings Change via wppb_two_factor_authentication_settings_update cozmoslabsUser Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor High 8.2 2024-02-05 21:21:37 Deep Dive
CVE-2023-51509 WordPress RegistrationMagic Plugin <= 5.2.4.1 is vulnerable to Cross Site Scripting (XSS) MetagaussRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login High 7.1 2024-02-01 11:24:54 Deep Dive
CVE-2024-22158 WordPress PeepSo Core: Photos Plugin < 6.3.1.0 is vulnerable to Cross Site Scripting (XSS) PeepSoCommunity by PeepSo – Social Network, Membership, Registration, User Profiles Medium 6.5 2024-01-31 18:15:01 Deep Dive
CVE-2024-0624 Paid Memberships Pro <= 2.12.7 - Cross-Site Request Forgery to Level Orders Update strangerstudiosPaid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions Medium 5.3 2024-01-25 01:55:03 Deep Dive
CVE-2022-45083 WordPress ProfilePress Plugin <= 4.3.2 is vulnerable to PHP Object Injection ProfilePress Membership TeamPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.6 2024-01-19 14:37:19 Deep Dive
CVE-2023-0824 UserPlus <= 2.0 - Stored XSS via CSRF UnknownUser registration & user profile--2024-01-16 15:56:28 Deep Dive
CVE-2023-6504 Profile Builder <= 3.10.7 - Insecure Direct Object Reference to Sensitive Information Exposure via user_meta Shortcode cozmoslabsUser Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor Medium 4.3 2024-01-11 08:33:09 Deep Dive
CVE-2023-6855 Paid Memberships Pro <= 2.12.5 - Missing Authorization via API strangerstudiosPaid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions Medium 5.3 2024-01-11 08:32:32 Deep Dive
CVE-2023-50846 WordPress RegistrationMagic Plugin <= 5.2.4.5 is vulnerable to SQL Injection RegistrationMagicRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login High 7.6 2023-12-28 18:19:26 Deep Dive
CVE-2023-6464 SourceCodester User Registration and Login System add-user.php sql injection SourceCodesterUser Registration and Login System Medium 6.3 2023-12-02 09:00:08 Deep Dive
CVE-2023-6463 SourceCodester User Registration and Login System add-user.php cross site scripting SourceCodesterUser Registration and Login System Low 3.5 2023-12-01 22:31:05 Deep Dive
CVE-2023-6462 SourceCodester User Registration and Login System delete-user.php cross site scripting SourceCodesterUser Registration and Login System Low 3.5 2023-12-01 21:31:04 Deep Dive
CVE-2023-48746 WordPress Community by PeepSo Plugin <= 6.2.6.0 is vulnerable to Cross Site Scripting (XSS) PeepSoCommunity by PeepSo – Social Network, Membership, Registration, User Profiles High 7.1 2023-11-30 16:25:31 Deep Dive
CVE-2023-44150 WordPress ProfilePress Plugin <= 4.13.2 is vulnerable to Sensitive Data Exposure ProfilePress Membership TeamPaid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress High 7.5 2023-11-30 14:50:36 Deep Dive
CVE-2023-47645 WordPress RegistrationMagic Plugin <= 5.2.2.6 is vulnerable to Cross Site Request Forgery (CSRF) RegistrationMagicRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login Medium 4.3 2023-11-30 13:34:47 Deep Dive
CVE-2023-47850 WordPress Community by PeepSo Plugin <= 6.2.2.0 is vulnerable to Cross Site Scripting (XSS) PeepSoCommunity by PeepSo – Social Network, Membership, Registration, User Profiles Medium 6.5 2023-11-30 11:43:09 Deep Dive
CVE-2023-6187 Paid Memberships Pro <= 2.12.3 - Authenticated (Subscriber+) Arbitrary File Upload strangerstudiosPaid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions High 7.5 2023-11-18 01:54:35 Deep Dive
CVE-2023-46201 WordPress Auto Login New User After Registration Plugin <= 1.9.6 is vulnerable to Cross Site Request Forgery (CSRF) Jeff SherkAuto Login New User After Registration High 7.1 2023-11-13 04:09:16 Deep Dive
CVE-2023-47669 WordPress Profile Builder Plugin <= 3.10.3 is vulnerable to Cross Site Request Forgery (CSRF) CozmoslabsUser Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor Medium 5.4 2023-11-13 00:55:28 Deep Dive