Properfraction

Profilepress

36 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-13642

  • EPSS 0.06%
  • Veröffentlicht 09.12.2025 15:23:48
  • Zuletzt bearbeitet 09.12.2025 18:37:13

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.16.7 due to insuffic...

6.5

CVE-2025-8878

  • EPSS 0.37%
  • Veröffentlicht 16.08.2025 11:11:24
  • Zuletzt bearbeitet 18.08.2025 20:16:28

The The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.16.4. This is du...

3.5

CVE-2024-13121

Exploit
  • EPSS 0.1%
  • Veröffentlicht 13.02.2025 06:15:21
  • Zuletzt bearbeitet 21.05.2025 18:56:21

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to per...

4.8

CVE-2024-13120

Exploit
  • EPSS 0.1%
  • Veröffentlicht 13.02.2025 06:15:20
  • Zuletzt bearbeitet 21.05.2025 18:57:54

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to per...

4.8

CVE-2024-13119

Exploit
  • EPSS 0.1%
  • Veröffentlicht 13.02.2025 06:15:20
  • Zuletzt bearbeitet 21.05.2025 19:00:15

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to per...

4.8

CVE-2024-10518

Exploit
  • EPSS 0.34%
  • Veröffentlicht 12.12.2024 06:15:20
  • Zuletzt bearbeitet 17.05.2025 02:28:54

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.15 does not sanitise and escape some of its Membership Plan settings, which could allow high privilege users such...

4.8

CVE-2024-10517

Exploit
  • EPSS 0.35%
  • Veröffentlicht 12.12.2024 06:15:20
  • Zuletzt bearbeitet 17.05.2025 02:28:18

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.15 does not sanitise and escape some of its Drag & Drop Builder fields, which could allow high privilege users su...

5.3

CVE-2023-41953

  • EPSS 0.25%
  • Veröffentlicht 09.12.2024 14:15:08
  • Zuletzt bearbeitet 09.06.2025 19:29:02

Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress.This issue affects ProfilePress: from n/a through 4.13.1.

5.3

CVE-2023-50882

  • EPSS 0.24%
  • Veröffentlicht 09.12.2024 13:15:38
  • Zuletzt bearbeitet 09.06.2025 19:28:15

Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProfilePress: from n/a through 4.13.2.

5.3

CVE-2024-11083

  • EPSS 0.61%
  • Veröffentlicht 27.11.2024 06:15:17
  • Zuletzt bearbeitet 05.06.2025 17:02:09

The ProfilePress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.15.18 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data ...