ProfilePress <= 4.13.1 — Unauthenticated Privilege Escalation

Improper Privilege Management vulnerability in ProfilePress Membership Team ProfilePress allows Privilege Escalation.This issue affects ProfilePress: from n/a through 4.13.1. id: CVE-2023-41954 info: name: ProfilePress = 4.13.1 — Unauthenticated Privilege Escalation author: daffainfo severity: hi...

CVE-2026-41954

Sensitive information disclosure vulnerability exists in the undisclosed iControl REST endpoint and TMOS Shell tmsh command which may allow an authenticated attacker with resource administrator role privileges to view sensitive information. Note: Software versions which have reached End of...

K32950402: iControl REST and tmsh vulnerability CVE-2026-41954

Security Advisory Description Sensitive information disclosure vulnerability exists in the undisclosed iControl REST endpoint and TMOS Shell tmsh command which may allow an authenticated attacker with resource administrator role privileges to view sensitive information. CVE-2026-41954 Impact An...

CVE-2023-41954

creationtimestamp| type| source ---|---|--- 2025-11-29 23:34:16+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-41954.yaml 2025-12-01 21:02:38+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m6xda5caqj2w...

CVE-2024-41954

FOG is a cloning/imaging/rescue suite/inventory management system. The application stores plaintext service account credentials in the "/opt/fog/.fogsettings" file. This file is by default readable by all users on the host. By exploiting these credentials, a malicious user could create new accoun...

CVE-2023-41954

Improper Privilege Management vulnerability in ProfilePress Membership Team ProfilePress allows Privilege Escalation.This issue affects ProfilePress: from n/a through 4.13.1...

WordPress ProfilePress Plugin < 4.13.2 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:properfraction:profilepress"; if description...

CVE-2024-41954

creationtimestamp| type| source ---|---|--- 2024-07-31 22:41:34+00:00| seen| https://t.me/cvedetector/2169...

CVE-2023-41954

Improper Privilege Management vulnerability in ProfilePress Membership Team ProfilePress allows Privilege Escalation.This issue affects ProfilePress: from n/a through 4.13.1...

CVE-2023-41954 WordPress ProfilePress plugin <= 4.13.1 - Unauthenticated Limited Privilege Escalation vulnerability

Improper Privilege Management vulnerability in ProfilePress Membership Team ProfilePress allows Privilege Escalation.This issue affects ProfilePress: from n/a through 4.13.1...

CVE-2023-41954

ProfilePress WordPress plugin

CVE-2023-41954 WordPress ProfilePress plugin <= 4.13.1 - Unauthenticated Limited Privilege Escalation vulnerability

Improper Privilege Management vulnerability in ProfilePress Membership Team ProfilePress allows Privilege Escalation.This issue affects ProfilePress: from n/a through 4.13.1...

Oracle Primavera Unifier (October 2023 CPU)

The versions of Primavera Unifier installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: User Interface jQueryUI. Supported versions th...

VulnCheck KEV: CVE-2023-41954

Improper Privilege Management vulnerability in ProfilePress Membership Team ProfilePress allows Privilege Escalation.This issue affects ProfilePress: from n/a through 4.13.1...

WordPress ProfilePress Plugin <= 4.13.1 is vulnerable to Privilege Escalation

Software ProfilePress Type Plugin Vulnerable versions = 4.13.1 Fixed in 4.13.2 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-41954 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID d5c79c2dbd22 Credits Revan...

CVE-2022-41954 Temporary File Information Disclosure Vulnerability

MPXJ is an open source library to read and write project plans from a variety of file formats and databases. On Unix-like operating systems not Windows or macos, MPXJ's use of File.createTempFile.. results in temporary files being created with the permissions -rw-r--r--. This means that any other...