Lucene search
+L

84 matches found

NVD
NVD
added 2024/01/19 3:15 p.m.14 views

CVE-2022-45083

Deserialization of Untrusted Data vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress.This issue affects Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User...

7.2CVSS6.7AI score0.00577EPSS
Exploits0References1
OSV
OSV
added 2024/01/19 3:15 p.m.7 views

CVE-2022-45083

Deserialization of Untrusted Data vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress.This issue affects Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User...

7.2CVSS5.8AI score0.00577EPSS
Exploits0References1
Prion
Prion
added 2024/01/19 3:15 p.m.21 views

Deserialization of untrusted data

Deserialization of Untrusted Data vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress.This issue affects Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User...

5.8CVSS7.2AI score0.00577EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/19 2:37 p.m.20 views

CVE-2022-45083 WordPress ProfilePress Plugin <= 4.3.2 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress.This issue affects Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User...

6.6CVSS7.2AI score0.00577EPSS
Exploits0References1
OSV
OSV
added 2023/11/30 3:15 p.m.5 views

CVE-2023-44150

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress.This issue affects Paid Membership Plugin, Ecommerce, Registration Form, Login...

7.5CVSS7.3AI score0.00658EPSS
Exploits0References1
CVE
CVE
added 2023/11/30 2:50 p.m.78 views

CVE-2023-44150

CVE-2023-44150 affects ProfilePress (Paid Membership Plugin) for WordPress; versions

7.5CVSS7.7AI score0.00658EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/11/23 12:15 a.m.24 views

CVE-2023-47668

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StellarWP Membership Plugin – Restrict Content plugin = 3.2.7 versions...

7.5CVSS0.01009EPSS
Exploits2References1
OSV
OSV
added 2023/11/23 12:15 a.m.3 views

CVE-2023-47668

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StellarWP Membership Plugin – Restrict Content plugin = 3.2.7 versions...

7.5CVSS7.3AI score0.01009EPSS
Exploits2References1
Prion
Prion
added 2023/11/23 12:15 a.m.20 views

Code injection

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StellarWP Membership Plugin – Restrict Content plugin = 3.2.7 versions...

5CVSS7AI score0.01009EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2023/11/23 12:5 a.m.96 views

CVE-2023-47668

The CVE concerns the StellarWP Membership Plugin – Restrict Content, affecting versions ≤ 3.2.7. The root cause is exposure of sensitive information to an unauthorised actor via the plugin’s legacy log mechanism (noted as legacy rcp-debug.log exposure). Practical impact is unauthenticated access ...

7.5CVSS6.2AI score0.01009EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/11/23 12:0 a.m.15 views

Restrict Content < 3.2.8 - Information Exposure via legacy log file

Description The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.7 via the legacy log file. This makes it possible for unauthenticated attackers to extract sensitive data including debug information...

7.5CVSS6.8AI score0.01009EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2023/11/22 12:0 a.m.11 views

WordPress Plugin Membership Plugin - Restrict Content Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Membership Plugin - Restri...

7.5CVSS6.2AI score0.01009EPSS
Exploits2References3
GithubExploit
GithubExploit
added 2023/11/14 8:40 a.m.33 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Liquidweb Restrict_Content

CVE-2023-47668 Restrict Content = 3.2.7 - Information Expo...

7.5CVSS8AI score0.01009EPSS
Exploits2
Patchstack
Patchstack
added 2023/11/08 12:0 a.m.16 views

WordPress Restrict Content Plugin <= 3.2.7 is vulnerable to Sensitive Data Exposure

Software Restrict Content Type Plugin Vulnerable versions = 3.2.7 Fixed in 3.2.8 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2023-47668 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID 1e46aa10dc26 Credits...

7.5CVSS6.4AI score0.01009EPSS
Exploits2References2Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.6 views

WordPress Restrict Content Plugin <= 3.2.4 is vulnerable to Cross Site Scripting (XSS)

Software Restrict Content Type Plugin Vulnerable versions = 3.2.4 Fixed in 3.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 29b3be2b2832 Credits Rafie Muhammad Patchstack...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2023/07/17 12:0 a.m.4 views

WordPress plugin Membership Plugin - Restrict Content 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.1CVSS6.8AI score0.00486EPSS
Exploits2References2
Patchstack
Patchstack
added 2023/06/26 12:0 a.m.5 views

WordPress Restrict Content Plugin < 3.2.3 is vulnerable to Cross Site Scripting (XSS)

Software Restrict Content Type Plugin Vulnerable versions 3.2.3 Fixed in 3.2.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 140b3a291ad3 Credits Unknown Required privilege...

5.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/06/26 12:0 a.m.7 views

WordPress Restrict Content Plugin < 3.2.3 is vulnerable to Broken Access Control

Software Restrict Content Type Plugin Vulnerable versions 3.2.3 Fixed in 3.2.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE N/A Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 64157ce6271e Credits Unknown Required privilege Subscrib...

6.8AI score
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/26 12:0 a.m.20 views

Membership Plugin - Restrict Content < 3.2.3 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged-in admin open a page containing the HTML code below...

6.1CVSS5.7AI score0.00486EPSS
Exploits2Affected Software1
Cvelist
Cvelist
added 2023/03/29 12:35 p.m.31 views

CVE-2022-47444 WordPress ProfilePress Plugin <= 4.4.1 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin = 4.5.3 versions...

7.1CVSS6.4AI score0.00411EPSS
Exploits0References1
Rows per page
Query Builder