CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

OpenVAS•added 2025/02/27 12:0 a.m.•8 views

WordPress ProfilePress Plugin < 4.15.20 Multiple XSS Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:properfraction:profilepress"; if description...

4.8CVSS6.8AI score0.00471EPSS

Exploits3References3

OpenVAS•added 2025/02/05 12:0 a.m.•8 views

WordPress ProfilePress Plugin < 4.14.4 XSS Vulnerability

6.4CVSS6.9AI score0.00239EPSS

Exploits0References1

Patchstack•added 2024/05/23 12:0 a.m.•7 views

WordPress ProfilePress Plugin <= 4.15.8 is vulnerable to Cross Site Scripting (XSS)

Software ProfilePress Type Plugin Vulnerable versions = 4.15.8 Fixed in 4.15.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2861 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d97813861064 Credits wesley wcraft Required...

6.4CVSS5.8AI score0.00589EPSS

Exploits0References3Affected Software1

Cvelist•added 2024/05/17 6:54 a.m.•25 views

CVE-2023-41954 WordPress ProfilePress plugin <= 4.13.1 - Unauthenticated Limited Privilege Escalation vulnerability

Improper Privilege Management vulnerability in ProfilePress Membership Team ProfilePress allows Privilege Escalation.This issue affects ProfilePress: from n/a through 4.13.1...

8.6CVSS8.7AI score0.09773EPSS

Exploits0References1

Patchstack•added 2024/04/15 12:0 a.m.•8 views

WordPress ProfilePress Plugin <= 4.15.4 is vulnerable to Cross Site Scripting (XSS)

Software ProfilePress Type Plugin Vulnerable versions = 4.15.4 Fixed in 4.15.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2867 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c4b31f2d390c Credits Ngô Thiên An ancorn...

6.4CVSS6AI score0.00236EPSS

Exploits0References3Affected Software1

Patchstack•added 2024/03/12 12:0 a.m.•8 views

WordPress ProfilePress Plugin <= 4.15.2 is vulnerable to Cross Site Scripting (XSS)

Software ProfilePress Type Plugin Vulnerable versions = 4.15.2 Fixed in 4.15.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1535 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 06caa12c0913 Credits Arkadiusz Hydzik Required...

6.4CVSS5.7AI score0.00278EPSS

Exploits0References3Affected Software1

Patchstack•added 2024/02/26 12:0 a.m.•9 views

WordPress ProfilePress Plugin <= 4.15.0 is vulnerable to Cross Site Scripting (XSS)

Software ProfilePress Type Plugin Vulnerable versions = 4.15.0 Fixed in 4.15.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1409 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ed81354d54ab Credits Ngô Thiên An ancorn...

6.4CVSS5.7AI score0.00265EPSS

Exploits0References3Affected Software1

Patchstack•added 2024/02/20 12:0 a.m.•9 views

WordPress ProfilePress Plugin <= 4.14.4 is vulnerable to Cross Site Scripting (XSS)

Software ProfilePress Type Plugin Vulnerable versions = 4.14.4 Fixed in 4.15.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1570 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ebc427c2e4de Credits Arkadiusz Hydzik Required...

6.4CVSS5.7AI score0.00294EPSS

Exploits0References3Affected Software1

Patchstack•added 2024/02/02 12:0 a.m.•10 views

WordPress ProfilePress Plugin <= 4.14.3 is vulnerable to Cross Site Scripting (XSS)

Software ProfilePress Type Plugin Vulnerable versions = 4.14.3 Fixed in 4.14.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1046 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 32548a65a82c Credits Ngô Thiên An ancorn...

6.4CVSS5.7AI score0.00239EPSS

Exploits0References3Affected Software1

Patchstack•added 2023/12/26 12:0 a.m.•5 views

WordPress ProfilePress Plugin <= 4.13.2 is vulnerable to Broken Access Control

Software ProfilePress Type Plugin Vulnerable versions = 4.13.2 Fixed in 4.13.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-50882 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID a2e889cf5486 Credits Revan Arifio Required privileg...

6.5AI score0.00243EPSS

Exploits0References2Affected Software1

Patchstack•added 2023/09/12 12:0 a.m.•13 views

WordPress ProfilePress Plugin <= 4.13.1 is vulnerable to Broken Access Control

Software ProfilePress Type Plugin Vulnerable versions = 4.13.1 Fixed in 4.13.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-41953 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5739c8dcaf0e Credits Abdi Pranata Required privileg...

6.9AI score0.00332EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/05/03 3:15 p.m.•16 views

CVE-2023-23830 WordPress ProfilePress Plugin <= 4.5.4 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in ProfilePress Membership Team ProfilePress plugin = 4.5.4 versions...

7.1CVSS6.4AI score0.0023EPSS

Exploits0References1

Patchstack•added 2023/02/20 12:0 a.m.•10 views

WordPress ProfilePress Plugin <= 4.5.4 is vulnerable to Cross Site Scripting (XSS)

Software ProfilePress Type Plugin Vulnerable versions = 4.5.4 Fixed in 4.5.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23820 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1dded0badc30 Credits Rafie Muhammad Patchstack...

6.5CVSS6AI score0.00185EPSS

Exploits0References2Affected Software1

Patchstack•added 2023/01/27 12:0 a.m.•7 views

WordPress ProfilePress Plugin <= 4.5.3 is vulnerable to Cross Site Scripting (XSS)

Software ProfilePress Type Plugin Vulnerable versions = 4.5.3 Fixed in 4.5.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47444 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 08a817f47944 Credits pilvar Required...

7.1CVSS5.6AI score0.00496EPSS

Exploits0References2Affected Software1

Patchstack•added 2023/01/20 12:0 a.m.•7 views

WordPress ProfilePress Plugin <= 4.5.3 is vulnerable to Cross Site Scripting (XSS)

Software ProfilePress Type Plugin Vulnerable versions = 4.5.3 Fixed in 4.5.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23996 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8fffbd3790ea Credits Rio Darmawan Required...

5.9CVSS5.8AI score0.00238EPSS

Exploits0References2Affected Software1

Patchstack•added 2021/06/28 12:0 a.m.•18 views

WordPress ProfilePress plugin 3.0 – 3.1.3 - Authenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by Chloe Chamberland WordFence in WordPress ProfilePress plugin versions 3.0 – 3.1.3. 06.29.2021 - WordFence updated the vulnerable version to 3.0 - 3.1.3. Solution Update the WordPress ProfilePress plugin to the latest available versi...

9.8CVSS2.6AI score0.61563EPSS

Exploits2References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by