310 matches found
CVE-2025-14976 User Registration & Membership <= 4.4.8 - Cross-Site Request Forgery to Arbitrary Post Deletion
The User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.4.8. This is due to missing or incorrect nonce...
CVE-2022-42235
A Stored XSS issue in Student Clearance System v.1.0 allows the injection of arbitrary JavaScript in the Student registration form...
CVE-2020-23984
Online Hotel Booking System Pro PHP Version 1.3 has Persistent Cross-site Scripting in Customer registration-form all-tags...
CVE-2023-50256
Froxlor is open source server administration software. Prior to version 2.1.2, it was possible to submit the registration form with the essential fields, such as the username and password, left intentionally blank. This inadvertent omission allowed for a bypass of the mandatory field requirements...
CVE-2023-4213
The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it...
WordPress AS Password Field In Default Registration Form plugin <= 2.0.0 - Unauthenticated Privilege Escalation via Account Takeover vulnerability
Unauthenticated Privilege Escalation via Account Takeover vulnerability discovered by Drew Webber mcdruid in WordPress Plugin AS Password Field In Default Registration Form versions = 2.0.0...
CVE-2025-14996
CVE-2025-14996 affects the AS Password Field In Default Registration Form WordPress plugin (
CVE-2025-14996 AS Password Field In Default Registration Form <= 2.0.0 - Unauthenticated Privilege Escalation via Account Takeover
The AS Password Field In Default Registration Form plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.0.0. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it...
CVE-2025-14996 AS Password Field In Default Registration Form <= 2.0.0 - Unauthenticated Privilege Escalation via Account Takeover
The AS Password Field In Default Registration Form plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.0.0. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it...
WordPress plugin AS Password Field In Default Registration Form 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability...
PT-2026-1413
Name of the Vulnerable Software and Affected Versions AS Password Field In Default Registration Form plugin for WordPress versions prior to 2.0.1 Description The plugin does not properly validate a user’s identity before allowing password updates. This allows unauthenticated attackers to change...
CVE-2025-10038
CVE-2025-10038 describes an unauthenticated privilege-escalation in the WordPress plugin Binary MLM Plan (versions up to and including 3.0). The root cause is that the bmp_user role grants the manage_bmp capability by default when users register through the plugin’s form, enabling attackers to re...
EUVD-2001-0520
Malware in sbrugna...
EUVD-2006-1116
Malware in sbrugna...
EUVD-2015-1117
Malware in sbrugna...
EUVD-2006-5442
Malware in sbrugna...
EUVD-2006-0817
Malware in sbrugna...
EUVD-2021-11072
Malware in sbrugna...
EUVD-2020-16720
Malware in sbrugna...
EUVD-2018-3504
Malware in sbrugna...