Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 336 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-49604 WordPress Simple User Registration plugin <= 6.7 - Broken Authentication vulnerability N-MediaSimple User Registration Critical 9.8 2024-10-20 07:56:33 Deep Dive
CVE-2024-49217 WordPress Adding drop down roles in registration plugin <= 1.1 - Privilege Escalation vulnerability madiriaashishAdding drop down roles in registration--2024-10-17 17:42:37 Deep Dive
CVE-2024-49247 WordPress BuddyPress Better Registration plugin <= 1.6 - Broken Authentication vulnerability SKBuddyPress Better Registration 超危 -2024-10-16 12:31:02 Deep Dive
CVE-2022-4974 Freemius SDK <= 2.4.2 - Missing Authorization Checks dashlabsltdYASR – Yet Another Star Rating Plugin for WordPress Medium 6.3 2024-10-16 06:43:30 Deep Dive
CVE-2024-9873 Community by PeepSo <= 6.4.6.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting peepsoCommunity by PeepSo – Download from PeepSo.com Medium 5.4 2024-10-16 05:31:56 Deep Dive
CVE-2024-8757 Boost Your Blog's Engagement with WP Post Author <= 3.8.1 - Authenticated (Administrator+) SQL Injection afthemesWP Post Author – Author Box, Multiple Authors, Guest Authors & Custom Avatars High 7.2 2024-10-12 09:39:19 Deep Dive
CVE-2024-9799 SourceCodester Profile Registration without Reload Refresh add.php cross site scripting SourceCodesterProfile Registration without Reload Refresh Low 3.5 2024-10-10 16:31:07 Deep Dive
CVE-2024-9520 UserPlus <= 2.0 - Missing Authorization via Multiple Functions userplusUser registration & user profile – UserPlus Medium 6.3 2024-10-10 02:06:13 Deep Dive
CVE-2024-9518 UserPlus <= 2.0 - Unauthenticated Privilege Escalation userplusUser registration & user profile – UserPlus Critical 9.8 2024-10-10 02:06:06 Deep Dive
CVE-2024-9519 UserPlus <= 2.0 - Authenticated (Editor+) Registration Form Update to Privilege Escalation userplusUser registration & user profile – UserPlus High 7.2 2024-10-10 02:06:04 Deep Dive
CVE-2024-8519 Ultimate Member <= 2.8.6 - Authenticated (Contributor+) Stored Cross-Site Scripting ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Medium 6.4 2024-10-04 02:32:23 Deep Dive
CVE-2024-8520 Ultimate Member <= 2.8.6 - Cross-Site Request Forgery to Membership Status Change ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Medium 5.3 2024-10-04 02:32:22 Deep Dive
CVE-2024-7426 Community by PeepSo – Social Network, Membership, Registration, User Profiles <= 6.4.6.0 - Unauthenticated Full Path Disclosure peepsoCommunity by PeepSo – Download from PeepSo.com Medium 5.3 2024-09-25 02:05:05 Deep Dive
CVE-2024-9093 SourceCodester Profile Registration without Reload Refresh GET Parameter del.php sql injection SourceCodesterProfile Registration without Reload Refresh Medium 6.3 2024-09-23 00:31:07 Deep Dive
CVE-2024-9092 SourceCodester Profile Registration without Reload Refresh Registration Form add.php cross site scripting SourceCodesterProfile Registration without Reload Refresh Low 3.5 2024-09-23 00:31:05 Deep Dive
CVE-2024-8246 Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.11 - Authenticated (Contributor+) Privilege Escalation themekraftPost Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) High 8.8 2024-09-14 03:19:27 Deep Dive
CVE-2024-7618 Community by PeepSo – Social Network, Membership, Registration, User Profiles <= 6.4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via content Parameter peepsoCommunity by PeepSo – Download from PeepSo.com Medium 4.4 2024-09-10 07:30:04 Deep Dive
CVE-2024-7655 Community by PeepSo – Social Network, Membership, Registration, User Profiles <= 6.4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting peepsoCommunity by PeepSo – Download from PeepSo.com Medium 4.4 2024-09-10 07:30:04 Deep Dive
CVE-2024-8292 WP-Recall – Registration, Profile, Commerce & More <= 16.26.8 - Insecure Direct Object Reference to Unauthenticated Arbitrary Password Update wppostWP-Recall – Registration, Profile, Commerce & More Critical 9.8 2024-09-06 06:50:53 Deep Dive
CVE-2024-6883 Event Espresso 4 Decaf – Event Registration Event Ticketing <= 4.10.46.decaf- Authenticated (Subscriber+) Missing Authorization to Limited Plugin Settings Modification eventespressoEvent Espresso – Event Registration & Ticketing Sales Medium 4.3 2024-08-21 05:30:21 Deep Dive