Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 204 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2023-32092 WordPress Community by PeepSo Plugin <= 6.0.9.0 is vulnerable to Cross Site Request Forgery (CSRF) PeepSoCommunity by PeepSo – Social Network, Membership, Registration, User Profiles 高危 -2023-11-09 22:36:19 Deep Dive
CVE-2023-5228 User Registration < 3.0.4.2 - Admin+ Stored XSS UnknownUser Registration 低危 -2023-11-06 20:40:46 Deep Dive
CVE-2023-46202 WordPress Auto Login New User After Registration Plugin <= 1.9.6 is vulnerable to Cross Site Request Forgery (CSRF) Jeff SherkAuto Login New User After Registration Medium 4.3 2023-10-24 10:51:02 Deep Dive
CVE-2020-36754 Paid Memberships Pro <= 2.4.2 - Cross-Site Request Forgery Bypass strangerstudiosPaid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions Medium 4.3 2023-10-20 07:29:35 Deep Dive
CVE-2023-3342 User Registration <= 3.0.2 - Authenticated (Subscriber+) Arbitrary File Upload wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Critical 9.9 2023-07-13 02:04:15 Deep Dive
CVE-2023-3343 User Registration <= 3.0.1 - Authenticated (Subscriber+) PHP Object Injection wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder High 8.8 2023-07-13 02:04:15 Deep Dive
CVE-2023-2548 RegistrationMagic <= 5.2.0.5 - Authenticated (Admin+) Insecure Direct Object Reference to Arbitrary User Password Change metagaussRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login Medium 6.6 2023-05-16 08:40:02 Deep Dive
CVE-2023-2499 RegistrationMagic <= 5.2.1.0 - Authentication Bypass metagaussRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login Critical 9.8 2023-05-16 08:40:01 Deep Dive
CVE-2023-2297 Profile Builder – User Profile & User Registration Forms <= 3.9.0 - Insecure Password Reset Mechanism cozmoslabsUser Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor Critical 9.8 2023-04-26 23:30:18 Deep Dive
CVE-2023-23987 WordPress User Registration plugin <= 2.3.0 - Cross Site Scripting (XSS) wpeverestUser Registration Medium 5.9 2023-04-06 05:22:56 Deep Dive
CVE-2022-41633 WordPress Community by PeepSo Plugin <= 6.0.2.0 is vulnerable to Cross Site Request Forgery (CSRF) PeepSoCommunity by PeepSo – Social Network, Membership, Registration, User Profiles Medium 5.4 2023-04-04 11:12:16 Deep Dive
CVE-2022-47444 WordPress ProfilePress Plugin <= 4.4.1 is vulnerable to Cross Site Scripting (XSS) ProfilePress Membership TeamPaid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress High 7.1 2023-03-29 12:35:45 Deep Dive
CVE-2022-38971 WordPress BuddyForms Plugin <= 2.7.5 is vulnerable to Cross Site Scripting (XSS) ThemeKraftPost Form – Registration Form – Profile Form for User Profiles and Content Forms for User Submissions Medium 4.7 2023-03-16 08:49:16 Deep Dive
CVE-2023-0814 Profile Builder – User Profile & User Registration Forms <= 3.9.0 - Sensitive Information Disclosure via Shortcode cozmoslabsUser Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor Medium 6.5 2023-02-14 01:13:13 Deep Dive
CVE-2022-4831 Custom User Profile Fields for User Registration & Member Frontend Profiles with Paid Memberships Pro < 1.8.1 - Contributor+ Stored XSS via Shortcode UnknownCustom User Profile Fields for User Registration & Member Frontend Profiles with Paid Memberships Pro 中危 -2023-01-30 20:31:56 Deep Dive
CVE-2022-4697 ProfilePress <= 4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 5.5 2022-12-23 15:11:46 Deep Dive
CVE-2022-4698 ProfilePress <= 4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Form Settings properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 5.5 2022-12-23 15:09:51 Deep Dive
CVE-2022-4519 WP User <= 7.0 - Authenticated (Administrator+) Stored Cross-Site Scripting walkeprashantWP User – Custom Registration Forms, Login and User Profile Medium 5.5 2022-12-15 19:19:18 Deep Dive
CVE-2022-3912 User Registration < 2.2.4.1 - Subscriber+ Arbitrary File Upload UnknownUser Registration 高危 -2022-12-12 17:54:36 Deep Dive
CVE-2022-3383 Ultimate Member – User Profile, User Registration, Login & Membership Plugin <= 2.5.0 - Authenticated (Admin+) Remote Code Execution via Multi-Select ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin High 7.2 2022-11-29 20:40:10 Deep Dive