CVE-2024-11083

🗓️ 27 Nov 2024 05:31:54Reported by WordfenceType

ProfilePress plugin vulnerability in WordPres

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2024-11083	27 Nov 202405:40	–	circl
CNNVD	WordPress plugin ProfilePress 信息泄露漏洞	27 Nov 202400:00	–	cnnvd
Cvelist	CVE-2024-11083 ProfilePress <= 4.15.18 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure	27 Nov 202405:31	–	cvelist
EUVD	EUVD-2024-33738	3 Oct 202520:07	–	euvd
NVD	CVE-2024-11083	27 Nov 202406:15	–	nvd
OpenVAS	WordPress ProfilePress Plugin < 4.15.19 Information Disclosure Vulnerability	5 Feb 202500:00	–	openvas
Patchstack	WordPress ProfilePress plugin <= 4.15.18 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability	26 Nov 202422:21	–	patchstack
Patchstack	WordPress ProfilePress Plugin <= 4.15.18 is vulnerable to Sensitive Data Exposure	26 Nov 202400:00	–	patchstack
Positive Technologies	PT-2024-16746 · WordPress · Profilepress	27 Nov 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-11083	23 May 202506:56	–	redhatcve

NVD

Vulners

Vulnrichment

Node

properfraction profilepressRange<4.15.19freewordpress

[
  {
    "vendor": "properfraction",
    "product": "Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "4.15.18",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
plugins	www.plugins.trac.wordpress.org/changeset/3197296/wp-user-avatar
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/60c8159f-0641-4b75-9d56-34bd13105caf

08 Apr 2026 16:56Current

5.4Medium risk

Vulners AI Score5.4

CVSS 3.15.3

EPSS0.00831

SSVC

CWE-200