304 matches found
CVE-2020-23051
Phpgurukul User Registration & User Management System v2.0 was discovered to contain multiple stored cross-site scripting XSS vulnerabilities via the firstname and lastname parameters of the registration form & loginsystem input fields...
CVE-2015-10107
A vulnerability was found in Simplr Registration Form Plus+ Plugin up to 2.3.4 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 2.3.5 is able to addres...
CVE-2018-13879
A reflected XSS issue was discovered in the registration form in Rocket.Chat before 0.66. When one creates an account, the next step will ask for a username. This field will not save HTML control characters but an error will be displayed that shows the attempted username unescaped via...
CVE-2025-32374
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Possible denial of service with specially crafted information in the public registration form. This vulnerability is fixed in 9.13.8...
Denial of Service (DoS)
Overview DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Denial of Service DoS through the public registration form. Details Denial of Service DoS describes a family of attacks, all aime...
CVE-2025-32374 Possible Denial of Service (DoS) in DNN.PLATFORM registration
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Possible denial of service with specially crafted information in the public registration form. This vulnerability is fixed in 9.13.8...
CVE-2025-32374 Possible Denial of Service (DoS) in DNN.PLATFORM registration
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Possible denial of service with specially crafted information in the public registration form. This vulnerability is fixed in 9.13.8...
DNN 安全漏洞
DNN aka DotNetNuke is a Microsoft-supported, open-source content management system CMS based on the ASP.NET platform from the U.S. company DNN. The system is easy to install, scalable and feature-rich. A security vulnerability exists in DNN, which stems from the fact that specially crafted...
PT-2025-15706 · Dnn · Dnn
Name of the Vulnerable Software and Affected Versions: DNN formerly DotNetNuke versions prior to 9.13.8 Description: The issue concerns a possible denial of service that can be triggered by submitting specially crafted information in the public registration form. Recommendations: For versions pri...
PT-2025-14471 · WordPress · Front End Users
Name of the Vulnerable Software and Affected Versions: Front End Users plugin for WordPress versions up to, and including, 3.2.32 Description: The Front End Users plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the file uploads field of the...
CVE-2024-13120
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even wh...
CVE-2021-4331
The Plus Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to, and including 4.1.9 pro and 2.0.6 free. The plugin adds a registration form to the Elementor page builders functionality. As part of the registration form, users can choose which role to se...
CVE-2024-8246
The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions UGC plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.8.11. This is due to plugin not properly restricting what users have access to se...
CVE-2024-10518
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.15 does not sanitise and escape some of its Membership Plan settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting...
CVE-2021-4447
The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6.4 due to a lack of restrictions on who can add a registration form and a custom registration role to an Elementor created page. This makes it possible for attackers wi...
CVE-2021-4447
The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6.4 due to a lack of restrictions on who can add a registration form and a custom registration role to an Elementor created page. This makes it possible for attackers wi...
CVE-2021-4447 Essential Addons for Elementor <= 4.6.4 - Authenticated (Contributor+) Privilege Escalation
The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6.4 due to a lack of restrictions on who can add a registration form and a custom registration role to an Elementor created page. This makes it possible for attackers wi...
CVE-2021-4447
CVE-2021-4447 affects the WordPress plugin Essential Addons for Elementor (versions up to 4.6.4). The root cause is a lack of access restrictions on who can add a registration form and a custom registration role to an Elementor page, enabling attackers with Elementor access to create a registrati...
PT-2024-11044 · WordPress · Essential Addons For Elementor
Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to and including 4.6.4 Description: The issue is related to a lack of restrictions on who can add a registration form and a custom registration role to an Elementor created...
WordPress UserPlus plugin <= 2.0 - Authenticated (Editor+) Registration Form Update to Privilege Escalation vulnerability
Authenticated Editor+ Registration Form Update to Privilege Escalation vulnerability discovered by István Márton in WordPress Plugin UserPlus versions = 2.0...