21 matches found
EUVD-2024-27364
Malicious code in bioql PyPI...
EUVD-2021-31735
Malicious code in bioql PyPI...
EUVD-2022-52108
Malicious code in bioql PyPI...
EUVD-2023-48820
Malicious code in bioql PyPI...
EUVD-2024-27361
Malicious code in bioql PyPI...
CVE-2024-48278
Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross-Site Request Forgery (CSRF) via /edit-profile.php...
CVE-2021-39409
A vulnerability exists in Online Student Rate System v1.0 that allows any user to register as an administrator without needing to be authenticated...
CVE-2020-23360
oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where a non-identical password can bypass the checks in /catalog/admin/administrators.php and /catalog/passwordreset.php...
CVE-2025-4179 Flynax Bridge <= 2.2.0 - Unauthenticated Limited Privilege Escalation
The Flynax Bridge plugin for WordPress is vulnerable to limited Privilege Escalation due to a missing capability check on the registerUser function in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to register new user accounts as authors...
PT-2025-17160 · Devrix · Devrix Restrict User Registration
Name of the Vulnerable Software and Affected Versions: DevriX Restrict User Registration versions 1.0.1 and earlier. Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actio...
CVE-2025-3282
The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.3 via the userregistrationmembershipregistermember due to missing validation on the...
CVE-2025-2228
The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.8 via the 'registeruser' function. This makes it possible for authenticated attackers, with...
CVE-2024-13818 Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction <= 3.8.3.9 - Sensitive Information Exposure via Log Files
The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.3.9 through publicly exposed log files. This...
CVE-2024-21650
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to a remote code execution (RCE) attack through its user registration feature. This issue allows an attacker to execute arbitrary code by crafting malicious payloads in the...
CVE-2024-10508
The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0.2.6. This is due to the plugin not properly validating the password reset token prior to updati...
CVE-2024-11293
The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Social Sites Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.9. This is due to insufficient...
CVE-2024-10589 Leopard <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update
The Leopard - WordPress Offload Media plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the importsettings function in all versions up to, and including, 3.1.1. This makes it possible for authenticate...
XWiki 8.0 < 13.10.5, 14.0 < 14.3 User Registration Vulnerability (GHSA-h5j3-5x63-p8jv)
Xwiki is prone to a user registration vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...
CVE-2021-44937
glFusion CMS v1.7.9 is affected by an arbitrary user registration vulnerability in /publichtml/users.php. An attacker can register with the mailbox of any user. When users want to register, they will find that the mailbox has been occupied...
Mitsubishi Electric MELSEC iQ-R series access control error vulnerability
The Mitsubishi Electric MELSEC iQ-R series is a programmable logic controller from Mitsubishi Electric Corporation (Mitsubishi Electric). An access control error vulnerability exists in the Mitsubishi Electric MELSEC iQ-R series of products. The vulnerability arises from a product that does not hav...