Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:20 a.m.9 views

CVE-2024-10518

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.15 does not sanitise and escape some of its Membership Plan settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting...

4.8CVSS5.7AI score0.0034EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2025/02/05 12:0 a.m.8 views

WordPress ProfilePress Plugin < 4.15.15 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:properfraction:profilepress"; if description...

4.8CVSS6.9AI score0.0034EPSS
Exploits2References2
NVD
NVD
added 2024/12/12 6:15 a.m.15 views

CVE-2024-10518

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.15 does not sanitise and escape some of its Membership Plan settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting...

4.8CVSS0.0034EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/12/12 6:0 a.m.22 views

CVE-2024-10518 ProfilePress < 4.15.15 - Admin+ Stored XSS

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.15 does not sanitise and escape some of its Membership Plan settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting...

0.0034EPSS
Exploits1References1
Rows per page
Query Builder