Vulnerabilities > Metagauss
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-31 | CVE-2023-5519 | Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Eventprime The EventPrime WordPress plugin before 3.2.0 does not have CSRF checks when creating bookings, which could allow attackers to make logged in users create unwanted bookings via CSRF attacks. | 4.3 |
2023-10-25 | CVE-2023-45637 | Cross-site Scripting vulnerability in Metagauss Eventprime Unauth. | 6.1 |
2023-08-31 | CVE-2023-3404 | Unspecified vulnerability in Metagauss Profilegrid The ProfileGrid plugin for WordPress is vulnerable to unauthorized decryption of private information in versions up to, and including, 5.5.0. | 4.9 |
2023-07-18 | CVE-2023-3403 | Unspecified vulnerability in Metagauss Profilegrid The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'pm_upload_csv' function in versions up to, and including, 5.5.1. | 4.3 |
2023-07-18 | CVE-2023-3713 | Unspecified vulnerability in Metagauss Profilegrid The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'profile_magic_check_smtp_connection' function in versions up to, and including, 5.5.1. | 8.8 |
2023-07-18 | CVE-2023-3714 | Unspecified vulnerability in Metagauss Profilegrid The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'edit_group' handler in versions up to, and including, 5.5.2. | 8.8 |
2023-07-17 | CVE-2022-38062 | Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Download Theme Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Download Theme plugin <= 1.0.9 versions. | 8.8 |
2023-06-20 | CVE-2023-35884 | Cross-site Scripting vulnerability in Metagauss Eventprime Unauth. | 6.1 |
2023-05-28 | CVE-2022-36345 | Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Download Plugin Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Download Plugin <= 2.0.4 versions. | 8.8 |
2023-05-28 | CVE-2023-33326 | Cross-site Scripting vulnerability in Metagauss Eventprime Unauth. | 6.1 |