CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2015-4067

Malware in sbrugna...

5.4CVSS5.6AI score0.02793EPSS

Exploits2References6

NVD•added 2024/11/09 8:15 a.m.•10 views

CVE-2024-10547

The WP Membership plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the userprofileimageupload function in all versions up to, and including, 1.6.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...

9.8CVSS0.00829EPSS

Exploits0References2

NVD•added 2020/01/06 7:15 p.m.•27 views

CVE-2015-4039

Multiple cross-site scripting XSS vulnerabilities in the WP Membership plugin 1.2.3 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via unspecified 1 profile fields or 2 new post content. NOTE: CVE-2015-4038 can be used to bypass the administrator confirmatio...

5.4CVSS5.2AI score0.02793EPSS

Exploits2References4

Prion•added 2020/01/06 7:15 p.m.•22 views

Cross site scripting

3.5CVSS5.6AI score0.08311EPSS

Exploits5References4Affected Software1

Cvelist•added 2020/01/06 6:40 p.m.•27 views

CVE-2015-4039

5.2AI score0.02793EPSS

Exploits2References4

NVD•added 2015/06/03 8:59 p.m.•28 views

CVE-2015-4038

The WP Membership plugin 1.2.3 for WordPress allows remote authenticated users to gain administrator privileges via an ivmembershipupdateusersettings action to wp-admin/admin-ajax.php...

6.5CVSS5.4AI score0.08311EPSS

Exploits3References5

Prion•added 2015/06/03 8:59 p.m.•24 views

Code injection

The WP Membership plugin 1.2.3 for WordPress allows remote authenticated users to gain administrator privileges via an ivmembershipupdateusersettings action to wp-admin/admin-ajax.php...

6.5CVSS5.5AI score0.08311EPSS

Exploits3References5Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by