10 matches found
WordPress Restrict – membership, site, content and user access restrictions for WordPress plugin <= 2.3.0 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Restrict versions = 2.3.0...
CVE-2026-1304
The Membership Plugin – Restrict Content for WordPress is vulnerable to Stored Cross-Site Scripting via multiple invoice settings fields in all versions up to, and including, 3.2.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...
WordPress Restrict plugin <= 2.2.8 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability
Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin Restrict versions = 2.2.8...
WordPress Restrict Content Plugin <= 3.2.8 is vulnerable to Broken Access Control
Software Restrict Content Type Plugin Vulnerable versions = 3.2.8 Fixed in 3.2.9 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31432 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 602787f07d5a Credits Dhabaleshwar Das Required...
WordPress Restrict User Access – Membership Plugin with Force Plugin <= 2.5 is vulnerable to Sensitive Data Exposure
Software Restrict User Access – Membership Plugin with Force Type Plugin Vulnerable versions = 2.5 Fixed in 2.6 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-0687 Patch priority Low CVSS severity Low 5.3 Developer DEV Institute PSID 388810d84a13...
WordPress Restrict Content Plugin <= 3.2.7 is vulnerable to Sensitive Data Exposure
Software Restrict Content Type Plugin Vulnerable versions = 3.2.7 Fixed in 3.2.8 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2023-47668 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID 1e46aa10dc26 Credits...
WordPress Restrict Plugin <= 2.2.4 is vulnerable to Cross Site Scripting (XSS)
Software Restrict Type Plugin Vulnerable versions = 2.2.4 Fixed in 2.2.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-41861 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c9e5571465c1 Credits thiennv Required privile...
WordPress Restrict Content Plugin <= 3.2.4 is vulnerable to Cross Site Scripting (XSS)
Software Restrict Content Type Plugin Vulnerable versions = 3.2.4 Fixed in 3.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 29b3be2b2832 Credits Rafie Muhammad Patchstack...
WordPress Restrict Content Plugin < 3.2.3 is vulnerable to Broken Access Control
Software Restrict Content Type Plugin Vulnerable versions 3.2.3 Fixed in 3.2.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE N/A Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 64157ce6271e Credits Unknown Required privilege Subscrib...
WordPress Restrict Content Plugin < 3.2.3 is vulnerable to Cross Site Scripting (XSS)
Software Restrict Content Type Plugin Vulnerable versions 3.2.3 Fixed in 3.2.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 140b3a291ad3 Credits Unknown Required privilege...