158 matches found
WordPress Binary MLM Woocommerce plugin <= 2.0 - Reflected Cross-Site Scripting via 'page' vulnerability
Reflected Cross-Site Scripting via 'page' vulnerability discovered by vgo0 in WordPress Plugin Binary MLM Woocommerce versions = 2.0...
WordPress Unilevel MLM Plan plugin <= 1.1.0 - Reflected Cross-Site Scripting via 'page' vulnerability
Reflected Cross-Site Scripting via 'page' vulnerability discovered by vgo0 in WordPress Plugin Unilevel MLM Plan versions = 1.1.0...
WordPress Binary MLM Plan plugin elevation of privilege vulnerability
WordPress Binary MLM Plan plugin is a WordPress plugin designed for network marketing, mainly used to simplify the operational process of multi-level marketing MLM business. WordPress Binary MLM Plan plugin suffers from an elevation of privilege vulnerability that stems from the bmpuser role...
CVE-2025-11895
The Binary MLM Plan plugin for WordPress is vulnerable to insecure direct object reference in versions up to, and including, 5.0. This is due to the bmpuserpayoutdetailofcurrentuser function selecting payout records solely by id without verifying ownership. This makes it possible for authenticate...
CVE-2025-11895
The Binary MLM Plan plugin for WordPress is vulnerable to insecure direct object reference in versions up to, and including, 5.0. This is due to the bmpuserpayoutdetailofcurrentuser function selecting payout records solely by id without verifying ownership. This makes it possible for authenticate...
CVE-2025-11895 Binary MLM Plan <= 5.0 - Authenticated (Subscriber+) Insecure Direct Object Reference
The Binary MLM Plan plugin for WordPress is vulnerable to insecure direct object reference in versions up to, and including, 5.0. This is due to the bmpuserpayoutdetailofcurrentuser function selecting payout records solely by id without verifying ownership. This makes it possible for authenticate...
CVE-2025-11895
The CVE-2025-11895 vulnerability affects Binary MLM Plan (WordPress) versions
WordPress plugin Binary MLM Plan 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
WordPress Binary MLM Plan plugin <= 5.0 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Binary MLM Plan versions = 5.0...
CVE-2025-10038
The Binary MLM Plan plugin for WordPress is vulnerable to limited Privilege Escalation in all versions up to, and including, 3.0. This is due to bmpuser role granting all users with the managebmp capability by default upon registration through the plugin's form. This makes it possible for...
CVE-2025-10038
The Binary MLM Plan plugin for WordPress is vulnerable to limited Privilege Escalation in all versions up to, and including, 3.0. This is due to bmpuser role granting all users with the managebmp capability by default upon registration through the plugin's form. This makes it possible for...
CVE-2025-10038
CVE-2025-10038 describes an unauthenticated privilege-escalation in the WordPress plugin Binary MLM Plan (versions up to and including 3.0). The root cause is that the bmp_user role grants the manage_bmp capability by default when users register through the plugin’s form, enabling attackers to re...
CVE-2025-10038 Binary MLM Plan <= 3.0 - Unauthenticated Limited Privilege Escalation
The Binary MLM Plan plugin for WordPress is vulnerable to limited Privilege Escalation in all versions up to, and including, 3.0. This is due to bmpuser role granting all users with the managebmp capability by default upon registration through the plugin's form. This makes it possible for...
EUVD-2025-34553
The Binary MLM Plan plugin for WordPress is vulnerable to limited Privilege Escalation in all versions up to, and including, 3.0. This is due to bmpuser role granting all users with the managebmp capability by default upon registration through the plugin's form. This makes it possible for...
CVE-2025-10038 Binary MLM Plan <= 3.0 - Unauthenticated Limited Privilege Escalation
The Binary MLM Plan plugin for WordPress is vulnerable to limited Privilege Escalation in all versions up to, and including, 3.0. This is due to bmpuser role granting all users with the managebmp capability by default upon registration through the plugin's form. This makes it possible for...
WordPress plugin Binary MLM Plan 安全漏洞
WordPress Binary MLM Plan plugin is a WordPress plugin designed for network marketing, mainly used to simplify the operational process of multi-level marketing MLM business. WordPress Binary MLM Plan plugin suffers from an elevation of privilege vulnerability that stems from the bmpuser role...
EUVD-2017-8794
Malware in sbrugna...
EUVD-2018-9589
Malware in sbrugna...
EUVD-2018-18543
Malware in sbrugna...
EUVD-2018-18608
Malware in sbrugna...