100 matches found
WordPress User Registration plugin <= 5.1.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by 0xd4rk5id3 in WordPress Plugin User Registration versions = 5.1.2...
EUVD-2026-30254
The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.1.2. This is due to the infusedwoogdprupddata function missing authorization and capability checks, as well as lacking restrictions on which user meta keys can be updated. This...
CVE-2026-6506 InfusedWoo Pro <= 5.1.2 - Authenticated (Subscriber+) Missing Authorization to Privilege Escalation via Arbitrary User Meta Update
The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.1.2. This is due to the infusedwoogdprupddata function missing authorization and capability checks, as well as lacking restrictions on which user meta keys can be updated. This...
CVE-2026-6644
A command injection vulnerability was found in the PPTP VPN Clients on the ADM. The vulnerability allows an administrative user to break out of the restricted web environment and execute arbitrary code on the underlying operating system. This occurs due to insufficient validation of user-supplied...
Exploit for CVE-2026-1492
CVE-2026-1492 User Registration & Membership = 5.1.2 -...
WordPress User Registration & Membership plugin <= 5.1.2 - Authenticated (Subscriber+) SQL Injection via membership_ids[] vulnerability
Authenticated Subscriber+ SQL Injection via membershipids vulnerability discovered by WordFence in WordPress Plugin User Registration versions = 5.1.2...
CVE-2026-1865 User Registration & Membership <= 5.1.2 - Authenticated (Subscriber+) SQL Injection via membership_ids[]
The User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder plugin for WordPress is vulnerable to SQL Injection via the ‘membershipids’ parameter in all versions up to, and including, 5.1.2 due to...
CVE-2026-1865 User Registration & Membership <= 5.1.2 - Authenticated (Subscriber+) SQL Injection via membership_ids[]
The User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder plugin for WordPress is vulnerable to SQL Injection via the ‘membershipids’ parameter in all versions up to, and including, 5.1.2 due to...
EUVD-2026-11846
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in robosoft Robo Gallery robo-gallery allows DOM-Based XSS.This issue affects Robo Gallery: from n/a through = 5.1.2...
WordPress User Registration & Membership plugin <= 5.1.2 - Unauthenticated Privilege Escalation via Membership Registration vulnerability
Unauthenticated Privilege Escalation via Membership Registration vulnerability discovered by Foxyyy in WordPress Plugin User Registration versions = 5.1.2...
CVE-2026-1492
The User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to improper privilege management in all versions up to, and including, 5.1.2. This is due to the plugin accepting a...
WordPress plugin User Registration & Membership 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
VulnCheck KEV: CVE-2026-1492
The User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to improper privilege management in all versions up to, and including, 5.1.2. This is due to the plugin accepting a...
WordPress User Registration & Membership plugin <= 5.1.2 - Authentication Bypass vulnerability
Authentication Bypass vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin User Registration versions = 5.1.2...
PT-2026-22112
Name of the Vulnerable Software and Affected Versions User Registration & Membership plugin for WordPress versions up to and including 5.1.2 Description The User Registration & Membership plugin for WordPress is affected by an authentication bypass. This is caused by incorrect authentication in t...
WordPress plugin User Registration & Membership 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
Allocation of Resources Without Limits or Throttling
Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the mimetex process. An attacker can exhaust server resources and cause service disruption by submitting specially crafted TeX formulas...
CVE-2025-13691 DataStage on Cloud Pak for Data is vulnerable to sensitive information leaks due to HTTP processing
IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used to impersonate other users in the system...
IBM DataStage on Cloud Pak for Data 安全漏洞
IBM DataStage on Cloud Pak for Data is an enterprise-level data integration solution provided by International Business Machines IBM. Versions 5.1.2 to 5.3.0 of IBM DataStage on Cloud Pak for Data contain security vulnerabilities. These vulnerabilities stem from the return of sensitive informatio...
PT-2026-20226
Name of the Vulnerable Software and Affected Versions IBM DataStage on Cloud Pak for Data versions 5.1.2 through 5.3.0 Description IBM DataStage on Cloud Pak for Data returns sensitive information in an HTTP response. This information could potentially be used to impersonate other users within th...