User Registration, Login Form, User Profile & Membership Security Vulnerabilities and Issues — User Registration, Login Form, User Profile & Membership CVE List

Lucene search

ProfilepressUser Registration, Login Form, User Profile & Membership

4 matches found

CVE•added 2023/11/30 3:15 p.m.•59 views

CVE-2023-44150

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress.This issue affects Paid Membership Plugin, Ecommerce, Registration Form, Login Fo...

7.5CVSS7.4AI score0.00618EPSS

CVE•added 2024/01/16 4:15 p.m.•40 views

CVE-2023-0824

The User registration & user profile WordPress plugin through 2.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged-in admin add Stored XSS payloads via a CSRF attack.

7.4CVSS6.1AI score0.00141EPSS

CVE•added 2021/12/13 11:15 a.m.•38 views

CVE-2021-24954

The User Registration, Login Form, User Profile & Membership WordPress plugin before 3.2.3 does not sanitise and escape the ppress_cc_data parameter before outputting it back in an attribute of an admin dashboard page, leading to a Reflected Cross-Site Scripting issue

6.1CVSS6.1AI score0.00216EPSS

CVE•added 2021/12/13 11:15 a.m.•37 views

CVE-2021-24955

The User Registration, Login Form, User Profile & Membership WordPress plugin before 3.2.3 does not escape the data parameter of the pp_get_forms_by_builder_type AJAX action before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue

6.1CVSS6.1AI score0.00216EPSS