Lucene search
+L

310 matches found

vulnrichment
vulnrichment
added 2026/01/10 8:22 a.m.2 views

CVE-2025-14976 User Registration & Membership <= 4.4.8 - Cross-Site Request Forgery to Arbitrary Post Deletion

The User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.4.8. This is due to missing or incorrect nonce...

5.4CVSS5.1AI score0.00123EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/01/09 10:51 a.m.7 views

CVE-2022-42235

A Stored XSS issue in Student Clearance System v.1.0 allows the injection of arbitrary JavaScript in the Student registration form...

5.4CVSS6.2AI score0.00465EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/01/09 9:54 a.m.9 views

CVE-2020-23984

Online Hotel Booking System Pro PHP Version 1.3 has Persistent Cross-site Scripting in Customer registration-form all-tags...

5.4CVSS6.7AI score0.00602EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/01/09 8:59 a.m.11 views

CVE-2023-50256

Froxlor is open source server administration software. Prior to version 2.1.2, it was possible to submit the registration form with the essential fields, such as the username and password, left intentionally blank. This inadvertent omission allowed for a bypass of the mandatory field requirements...

7.5CVSS6.7AI score0.00716EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/01/09 8:57 a.m.7 views

CVE-2023-4213

The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it...

8.8CVSS5.9AI score0.00615EPSS
Exploits0References1
patchstack
patchstack
added 2026/01/06 6:12 a.m.11 views

WordPress AS Password Field In Default Registration Form plugin <= 2.0.0 - Unauthenticated Privilege Escalation via Account Takeover vulnerability

Unauthenticated Privilege Escalation via Account Takeover vulnerability discovered by Drew Webber mcdruid in WordPress Plugin AS Password Field In Default Registration Form versions = 2.0.0...

9.8CVSS6.8AI score0.00317EPSS
Exploits0References1Affected Software1
cve
cve
added 2026/01/06 4:31 a.m.19 views

CVE-2025-14996

CVE-2025-14996 affects the AS Password Field In Default Registration Form WordPress plugin (

9.8CVSS6.4AI score0.00317EPSS
Exploits0References2
cvelist
cvelist
added 2026/01/06 4:31 a.m.29 views

CVE-2025-14996 AS Password Field In Default Registration Form <= 2.0.0 - Unauthenticated Privilege Escalation via Account Takeover

The AS Password Field In Default Registration Form plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.0.0. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it...

9.8CVSS0.00317EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/01/06 4:31 a.m.2 views

CVE-2025-14996 AS Password Field In Default Registration Form <= 2.0.0 - Unauthenticated Privilege Escalation via Account Takeover

The AS Password Field In Default Registration Form plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.0.0. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it...

9.8CVSS6.4AI score0.00317EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/01/06 12:0 a.m.7 views

WordPress plugin AS Password Field In Default Registration Form 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability...

9.8CVSS6.5AI score0.00317EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/01/06 12:0 a.m.6 views

PT-2026-1413

Name of the Vulnerable Software and Affected Versions AS Password Field In Default Registration Form plugin for WordPress versions prior to 2.0.1 Description The plugin does not properly validate a user’s identity before allowing password updates. This allows unauthenticated attackers to change...

9.8CVSS7AI score0.00317EPSS
Exploits0References8
cve
cve
added 2025/10/15 8:25 a.m.25 views

CVE-2025-10038

CVE-2025-10038 describes an unauthenticated privilege-escalation in the WordPress plugin Binary MLM Plan (versions up to and including 3.0). The root cause is that the bmp_user role grants the manage_bmp capability by default when users register through the plugin’s form, enabling attackers to re...

6.5CVSS5.5AI score0.00317EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2001-0520

Malware in sbrugna...

10CVSS6.4AI score0.04539EPSS
Exploits1References6
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-1116

Malware in sbrugna...

5CVSS6.4AI score0.03127EPSS
Exploits1References6
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-1117

Malware in sbrugna...

6.1CVSS4.7AI score0.00594EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-5442

Malware in sbrugna...

4.3CVSS6.4AI score0.00921EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-0817

Malware in sbrugna...

4.3CVSS6.4AI score0.01342EPSS
Exploits1References9
euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-11072

Malware in sbrugna...

6.5CVSS6.5AI score0.009EPSS
Exploits2References3
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-16720

Malware in sbrugna...

5.4CVSS5.6AI score0.00602EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-3504

Malware in sbrugna...

6.1CVSS6.5AI score0.02273EPSS
Exploits0References3
Rows per page
Query Builder