Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

metagauss — Vulnerabilities & Security Advisories 101

Browse all 101 CVE security advisories affecting metagauss. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by metagauss:ProfileGrid – User Profiles, Groups and CommunitiesEventPrime – Events Calendar, Bookings and TicketsRegistrationMagicRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User LoginProfileGridEventPrimeProfileGrid Download PluginDownload ThemeEvent Kikfyre
CVE IDTitleCVSSSeverityPublished
CVE-2024-31275 WordPress EventPrime plugin <= 3.3.4 - Booking Price Manipulation vulnerability — EventPrimeCWE-862 8.2 High2024-06-09
CVE-2024-5453 ProfileGrid <= 5.8.6 - Missing Authorization — ProfileGrid – User Profiles, Groups and CommunitiesCWE-862 4.3 Medium2024-06-05
CVE-2023-51544 WordPress RegistrationMagic plugin <= 5.2.5.0 - Form Submission Limit Bypass vulnerability — RegistrationMagicCWE-799 5.3 Medium2024-06-04
CVE-2023-51543 WordPress RegistrationMagic plugin <= 5.2.5.0 - IP Limit Bypass vulnerability — RegistrationMagicCWE-290 5.3 Medium2024-06-04
CVE-2024-32774 WordPress ProfileGrid plugin <= 5.8.2 - Group Members Limit Bypass vulnerability — ProfileGridCWE-307 4.3 Medium2024-05-17
CVE-2023-33321 WordPress EventPrime plugin <= 2.8.6 - Sensitive Data Exposure — EventPrimeCWE-862 5.3 Medium2024-05-17
CVE-2024-33947 WordPress RegistrationMagic plugin <= 5.3.2.0 - Cross Site Scripting (XSS) vulnerability — RegistrationMagicCWE-79 7.1 High2024-05-03
CVE-2024-3606 ProfileGrid – User Profiles, Memberships, Groups and Communities <= 5.8.3 - Missing Authorization — ProfileGrid – User Profiles, Groups and CommunitiesCWE-862 4.3 Medium2024-05-02
CVE-2023-23989 WordPress RegistrationMagic plugin <= 5.1.9.2 - Content Injection — RegistrationMagicCWE-80 5.3 Medium2024-04-24
CVE-2023-23976 WordPress RegistrationMagic plugin <= 5.1.9.2 - Arbitrary Price Change — RegistrationMagicCWE-276 7.5 High2024-04-24
CVE-2024-32772 WordPress ProfileGrid plugin <= 5.7.9 - Insecure Direct Object References (IDOR) vulnerability — ProfileGrid CWE-639 4.3 Medium2024-04-24
CVE-2024-32808 WordPress ProfileGrid plugin <= 5.7.9 - Insecure Direct Object Reference (IDOR) vulnerability — ProfileGrid CWE-639 5.4 Medium2024-04-24
CVE-2024-31362 WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.8 - Cross Site Request Forgery (CSRF) vulnerability — ProfileGrid CWE-352 4.3 Medium2024-04-12
CVE-2024-1991 RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.0.0 - Authenticated (Subscriber+) Privilege Escalation — RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User LoginCWE-862 8.8 High2024-04-09
CVE-2024-1990 RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.1.0 - Authenticated (Contributor+) SQL Injection via Shortcode — RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User LoginCWE-89 8.8 High2024-04-09
CVE-2024-31291 WordPress ProfileGrid plugin <= 5.7.6 - IDOR on Friend Request vulnerability — ProfileGrid CWE-639 4.3 Medium2024-04-07
CVE-2024-30513 WordPress ProfileGrid plugin <= 5.7.2 - Insecure Direct Object References (IDOR) vulnerability — ProfileGrid CWE-639 6.5 Medium2024-03-29
CVE-2024-30491 WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.8 - SQL Injection vulnerability — ProfileGrid CWE-89 8.5 High2024-03-29
CVE-2024-30490 WordPress ProfileGrid plugin <= 5.7.8 - SQL Injection vulnerability — ProfileGrid CWE-89 9.3 Critical2024-03-29
CVE-2024-30241 WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.1 - Contributor+ SQL Injection vulnerability — ProfileGrid CWE-89 8.5 High2024-03-28
CVE-2024-29776 WordPress EventPrime plugin <= 3.3.9 - Cross Site Scripting (XSS) vulnerability — EventPrime 5.9 Medium2024-03-27
CVE-2024-2951 WordPress RegistrationMagic plugin <= 5.3.0.0 - Cross Site Request Forgery (CSRF) vulnerability — RegistrationMagicCWE-352 4.3 Medium2024-03-26
CVE-2024-24832 WordPress EventPrime plugin <= 3.3.9 - Broken Access Control vulnerability — EventPrimeCWE-862 8.2 High2024-03-23
CVE-2024-25935 WordPress RegistrationMagic plugin <= 5.2.5.9 - Broken Access Control vulnerability — RegistrationMagicCWE-862 4.3 Medium2024-03-21
CVE-2024-29113 WordPress RegistrationMagic plugin <= 5.2.5.9 - Reflected Cross Site Scripting (XSS) vulnerability — RegistrationMagicCWE-79 7.1 High2024-03-19
CVE-2024-1126 EventPrime – Events Calendar, Bookings and Tickets <= 3.4.2 - Missing Authorization to Authenticated (Subscriber+) Attendee List Retrieval — EventPrime – Events Calendar, Bookings and TicketsCWE-862 4.3 Medium2024-03-13
CVE-2024-1321 EventPrime – Events Calendar, Bookings and Tickets <= 3.4.2 - Unauthenticated Booking Payment Bypass — EventPrime – Events Calendar, Bookings and TicketsCWE-345 5.3 Medium2024-03-13
CVE-2024-1127 EventPrime – Events Calendar, Bookings and Tickets <= 3.4.1 - Missing Authorization to Authenticated (Subscriber+) Event Export — EventPrime – Events Calendar, Bookings and TicketsCWE-862 4.3 Medium2024-03-13
CVE-2024-1125 EventPrime – Events Calendar, Bookings and Tickets <= 3.4.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion — EventPrime – Events Calendar, Bookings and TicketsCWE-862 5.4 Medium2024-03-09
CVE-2024-1320 EventPrime – Events Calendar, Bookings and Tickets <= 3.4.3 - Unauthenticated Stored Cross-Site Scripting — EventPrime – Events Calendar, Bookings and TicketsCWE-79 6.5 Medium2024-03-09

This page lists every published CVE security advisory associated with metagauss. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.