Lucene search
+L

5 matches found

OpenVAS
OpenVAS
added 2021/09/28 12:0 a.m.29 views

WordPress ProfilePress Plugin 3.0.0 < 3.1.4 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:properfraction:profilepress"; if description...

9.8CVSS9.3AI score0.68862EPSS
Exploits14References1
CVE
CVE
added 2021/07/07 12:21 p.m.77 views

CVE-2021-34623

The CVE-2021-34623 entry describes an Arbitrary File Upload vulnerability in the Image Uploader component of the ProfilePress WordPress plugin, affecting versions 3.0.0–3.1.3. The issue allows attackers to upload arbitrary files during user registration or profile updates. Connected sources indic...

9.8CVSS9.5AI score0.02101EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2021/07/07 12:21 p.m.15 views

CVE-2021-34623 ProfilePress 3.0 - 3.1.3 - Arbitrary File Upload in Image Uploader Component

A vulnerability in the image uploader component found in the /src/Classes/ImageUploader.php file of the ProfilePress WordPress plugin made it possible for users to upload arbitrary files during user registration or during profile updates. This issue affects versions 3.0.0 - 3.1.3...

9.8CVSS9.7AI score0.02101EPSS
Exploits2References1
Circl
Circl
added 2021/07/05 12:18 p.m.6 views

CVE-2021-34623

creationtimestamp| type| source ---|---|--- 2021-07-05 12:18:01+00:00| seen| https://t.me/CyberSecurityTechnologies/3770 2021-07-07 16:37:44+00:00| seen| https://t.me/cibsecurity/25960...

9.8CVSS8.7AI score0.02101EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2021/07/05 12:0 a.m.33 views

ProfilePress Plugin for WordPress 3.x < 3.1.4 Multiple Vulnerabilities

The WordPress ProfilePress Plugin installed on the remote host is affected by multiple vulnerabilities : - An unauthenticated privilege escalation exists when supplying wpcapabilties as an array parameter while registering. CVE-2021-34621 - An authenticated privilege escalation exists within the...

9.8CVSS9.9AI score0.68862EPSS
Exploits14References6
Rows per page
Query Builder