Profilepress Security Vulnerabilities and Issues — Profilepress CVE List

Lucene search

ProperfractionProfilepress

4 matches found

CVE•added 2024/12/09 2:15 p.m.•131 views

CVE-2023-41953

Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress.This issue affects ProfilePress: from n/a through 4.13.1.

5.3CVSS5.6AI score0.00169EPSS

CVE•added 2024/12/12 6:15 a.m.•50 views

CVE-2024-10517

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.15 does not sanitise and escape some of its Drag & Drop Builder fields, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting...

4.8CVSS5.7AI score0.00038EPSS

CVE•added 2024/12/12 6:15 a.m.•40 views

CVE-2024-10518

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.15 does not sanitise and escape some of its Membership Plan settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting a...

4.8CVSS5.7AI score0.00038EPSS

CVE•added 2024/12/09 1:15 p.m.•37 views

CVE-2023-50882

Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProfilePress: from n/a through 4.13.2.

5.3CVSS5.4AI score0.0007EPSS