6 matches found
WordPress ProfilePress Plugin < 4.13.2 Multiple Vulnerabilities
The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:properfraction:profilepress"; if description...
CVE-2023-41953
Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress.This issue affects ProfilePress: from n/a through 4.13.1...
CVE-2023-41953 WordPress ProfilePress plugin <= 4.13.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress.This issue affects ProfilePress: from n/a through 4.13.1...
CVE-2023-41953
CVE-2023-41953 concerns the WordPress plugin ProfilePress (Membership Team) up to version 4.13.1, where a Missing Authorization vulnerability exists. The connected PT-2023-8991 document attributes the issue to a flaw in the admin_notice() path that enables a CSRF attack due to incorrect nonce val...
CVE-2023-41953 WordPress ProfilePress plugin <= 4.13.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress.This issue affects ProfilePress: from n/a through 4.13.1...
WordPress ProfilePress Plugin <= 4.13.1 is vulnerable to Broken Access Control
Software ProfilePress Type Plugin Vulnerable versions = 4.13.1 Fixed in 4.13.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-41953 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5739c8dcaf0e Credits Abdi Pranata Required privileg...