Lucene search
K

6 matches found

OpenVAS
OpenVAS
added 2025/02/05 12:0 a.m.44 views

WordPress ProfilePress Plugin < 4.13.2 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:properfraction:profilepress"; if description...

8.6CVSS6.8AI score0.01397EPSS
Exploits0References2
NVD
NVD
added 2024/12/09 2:15 p.m.26 views

CVE-2023-41953

Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress.This issue affects ProfilePress: from n/a through 4.13.1...

5.3CVSS0.00403EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 1:16 p.m.19 views

CVE-2023-41953 WordPress ProfilePress plugin <= 4.13.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress.This issue affects ProfilePress: from n/a through 4.13.1...

5.3CVSS5.3AI score0.00403EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 1:16 p.m.152 views

CVE-2023-41953

CVE-2023-41953 concerns the WordPress plugin ProfilePress (Membership Team) up to version 4.13.1, where a Missing Authorization vulnerability exists. The connected PT-2023-8991 document attributes the issue to a flaw in the admin_notice() path that enables a CSRF attack due to incorrect nonce val...

5.3CVSS5.6AI score0.00403EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/12/09 1:16 p.m.37 views

CVE-2023-41953 WordPress ProfilePress plugin <= 4.13.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress.This issue affects ProfilePress: from n/a through 4.13.1...

5.3CVSS0.00403EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/09/12 12:0 a.m.15 views

WordPress ProfilePress Plugin <= 4.13.1 is vulnerable to Broken Access Control

Software ProfilePress Type Plugin Vulnerable versions = 4.13.1 Fixed in 4.13.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-41953 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5739c8dcaf0e Credits Abdi Pranata Required privileg...

6.9AI score0.00403EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder