155 matches found
CVE-2024-27995
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup allows Stored XSS.This issue affects ARMember – Membership Plugin, Content Restrictio...
CVE-2024-27995
CVE-2024-27995 (ARMember) : The vulnerability is an authenticated (Administrator+) stored cross-site scripting flaw in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup. The issue arises from improper neutralization of input during web...
PT-2024-22193 · Repute Infosystems · Armember
Name of the Vulnerable Software and Affected Versions: Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup versions through 4.0.23 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also kno...
CVE-2023-52200
CVE-2023-52200 affects ARMember
CVE-2023-52200 WordPress ARMember Plugin <= 4.0.22 is vulnerable to Cross Site Request Forgery (CSRF) leading to PHP Object Injection
Cross-Site Request Forgery CSRF, Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup.This issue affects ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile &...
CVE-2023-50841
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin...
CVE-2023-50841
CVE-2023-50841 denotes an SQL Injection in BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin by Repute Infosystems. Affected versions are listed as from n/a through 1.0.72. The Red Hat advisory confirms the flaw (improper neutralization of input in SQL) and states th...
CVE-2023-36507
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.6...
CVE-2023-36507 WordPress BookingPress Plugin <= 1.0.64 is vulnerable to Sensitive Data Exposure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.6...
CVE-2023-36507
Summary (CVE-2023-36507) : Affected software is the BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin for WordPress. The issue is an unauthenticated information disclosure in BookingPress versions up to and including 1.0.64, caused by exposure of sensitive server inf...
CVE-2022-46808
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Repute Infosystems ARMember armember-membership allows SQL Injection.This issue affects ARMember: from n/a through 3.4.11...
CVE-2022-46808
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Repute Infosystems ARMember armember-membership allows SQL Injection.This issue affects ARMember: from n/a through 3.4.11...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Repute Infosystems ARMember armember-membership allows SQL Injection.This issue affects ARMember: from n/a through 3.4.11...
CVE-2022-46808
CVE-2022-46808 affects ARMember (armember-membership) for WordPress. Description confirms an unauthenticated SQL Injection due to improper neutralization, impacting ARMember versions up to 3.4.11. The vulnerability is classified as high severity (NVD metrics show CVSS v3.1 base score 9.8; PatchSt...
CVE-2022-47421
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Repute InfoSystems ARMember free, Repute InfoSystems ARMember premium plugins...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Repute InfoSystems ARMember free, Repute InfoSystems ARMember premium plugins...
CVE-2022-47421 WordPress ARMember (free) and ARMember (premium) plugins - vulnerable to Auth. Stored Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Repute InfoSystems ARMember free, Repute InfoSystems ARMember premium plugins...
CVE-2022-47421
CVE-2022-47421: Auth. (admin+) Stored Cross-Site Scripting in Repute InfoSystems ARMember (free) and ARMember (premium) WordPress plugins. Administrative users can inject stored XSS via input in ARMember settings/messages; impact per sources includes confidentiality/integrity exposure with potent...
CVE-2022-47421 WordPress ARMember (free) and ARMember (premium) plugins - vulnerable to Auth. Stored Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Repute InfoSystems ARMember free, Repute InfoSystems ARMember premium plugins...
CVE-2023-33323
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Repute InfoSystems ARMember plugin = 4.0.2 versions...