Lucene search
K

10 matches found

Patchstack
Patchstack
added 2026/05/01 9:16 a.m.6 views

WordPress Restrict – membership, site, content and user access restrictions for WordPress plugin <= 2.3.0 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Restrict versions = 2.3.0...

6.1CVSS5.8AI score0.00276EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/19 7:28 a.m.7 views

CVE-2026-1304

The Membership Plugin – Restrict Content for WordPress is vulnerable to Stored Cross-Site Scripting via multiple invoice settings fields in all versions up to, and including, 3.2.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...

4.4CVSS5.7AI score0.00308EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/12/11 12:12 a.m.2 views

WordPress Restrict plugin <= 2.2.8 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability

Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin Restrict versions = 2.2.8...

5.3CVSS6.9AI score0.00367EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/04/10 12:0 a.m.12 views

WordPress Restrict Content Plugin <= 3.2.8 is vulnerable to Broken Access Control

Software Restrict Content Type Plugin Vulnerable versions = 3.2.8 Fixed in 3.2.9 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31432 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 602787f07d5a Credits Dhabaleshwar Das Required...

5.3CVSS6.6AI score0.00359EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/02/26 12:0 a.m.15 views

WordPress Restrict User Access – Membership Plugin with Force Plugin <= 2.5 is vulnerable to Sensitive Data Exposure

Software Restrict User Access – Membership Plugin with Force Type Plugin Vulnerable versions = 2.5 Fixed in 2.6 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-0687 Patch priority Low CVSS severity Low 5.3 Developer DEV Institute PSID 388810d84a13...

5.3CVSS6.5AI score0.00546EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/11/08 12:0 a.m.15 views

WordPress Restrict Content Plugin <= 3.2.7 is vulnerable to Sensitive Data Exposure

Software Restrict Content Type Plugin Vulnerable versions = 3.2.7 Fixed in 3.2.8 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2023-47668 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID 1e46aa10dc26 Credits...

7.5CVSS6.4AI score0.01009EPSS
Exploits2References2Affected Software1
Patchstack
Patchstack
added 2023/09/05 12:0 a.m.16 views

WordPress Restrict Plugin <= 2.2.4 is vulnerable to Cross Site Scripting (XSS)

Software Restrict Type Plugin Vulnerable versions = 2.2.4 Fixed in 2.2.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-41861 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c9e5571465c1 Credits thiennv Required privile...

7.1CVSS5.9AI score0.00351EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.5 views

WordPress Restrict Content Plugin <= 3.2.4 is vulnerable to Cross Site Scripting (XSS)

Software Restrict Content Type Plugin Vulnerable versions = 3.2.4 Fixed in 3.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 29b3be2b2832 Credits Rafie Muhammad Patchstack...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/06/26 12:0 a.m.6 views

WordPress Restrict Content Plugin < 3.2.3 is vulnerable to Broken Access Control

Software Restrict Content Type Plugin Vulnerable versions 3.2.3 Fixed in 3.2.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE N/A Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 64157ce6271e Credits Unknown Required privilege Subscrib...

6.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/06/26 12:0 a.m.4 views

WordPress Restrict Content Plugin < 3.2.3 is vulnerable to Cross Site Scripting (XSS)

Software Restrict Content Type Plugin Vulnerable versions 3.2.3 Fixed in 3.2.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 140b3a291ad3 Credits Unknown Required privilege...

5.9AI score
Exploits0References2Affected Software1
Rows per page
Query Builder