Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
The pmpro-membership-maps WordPress plugin before 0.7 does not prevent users with at least the contributor role from leaking sensitive information about users with a membership on the site.
The pmpro-member-directory WordPress plugin before 1.2.6 does not prevent users with at least the contributor role from leaking other users' sensitive information, including password hashes via an SQL
The s2Member Pro plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 250214 via the 'template' attribute. This makes it possible for authenticated attacker
The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and inc
The Memberful plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.73.9 via the WordPress core search feature. This makes it possible for unauth
The Members – Membership & User Role Editor Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.10 via the WordPress core search featu
The Memberpress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.37 via the WordPress core search feature. This makes it possible for una
The SureMembers plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.10.6 via the REST API. This makes it possible for unauthenticated attackers
The MapPress Maps for WordPress plugin before 2.94.9 does not sanitise and escape some parameters when outputing them in the page, which could allow users with a role as low as contributor to perform
The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions u
The UserPro - Community and User Profile WordPress Plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 5.1.10 via the userpro_fbconnect() function. T
The ProfilePro WordPress plugin through 1.3 does not sanitise and escape some parameters and lacks proper access controls, which could allow users with a role as low as subscriber to perform Cross-Sit
The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.13 via the WordPress core search feature. This m
The Image Map Pro plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the AJAX functions in versions up to, and including, 6.0
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which cou
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which cou
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which cou
CVE-2024-12919
CRITICAL CVSS 9.8
Find Similar
The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2
The Image Map Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'save_project' function with an arbitrary shortcode in versions up to, and including, 6.0.20 due to insuffic
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.15 does not sanitise and escape some of its Membership Plan set
Page 1+ Next →