Vulnerabilities > Metagauss

DATE CVE VULNERABILITY TITLE RISK
2023-10-25 CVE-2023-45637 Unspecified vulnerability in Metagauss Eventprime
Unauth.
network
low complexity
metagauss
6.1
2023-07-18 CVE-2023-3403 Unspecified vulnerability in Metagauss Profilegrid
The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'pm_upload_csv' function in versions up to, and including, 5.5.1.
network
low complexity
metagauss
4.3
2023-07-18 CVE-2023-3714 Unspecified vulnerability in Metagauss Profilegrid
The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'edit_group' handler in versions up to, and including, 5.5.2.
network
low complexity
metagauss
8.8
2023-07-17 CVE-2022-38062 Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Download Theme
Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Download Theme plugin <= 1.0.9 versions.
network
low complexity
metagauss CWE-352
8.8
2023-06-20 CVE-2023-35884 Unspecified vulnerability in Metagauss Eventprime
Unauth.
network
low complexity
metagauss
6.1
2023-05-28 CVE-2022-36345 Unspecified vulnerability in Metagauss Download Plugin
Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Download Plugin <= 2.0.4 versions.
network
low complexity
metagauss
8.8
2023-05-28 CVE-2023-33326 Unspecified vulnerability in Metagauss Eventprime
Unauth.
network
low complexity
metagauss
6.1
2023-05-16 CVE-2023-2499 Improper Authentication vulnerability in Metagauss Registrationmagic
The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.2.1.0.
network
low complexity
metagauss CWE-287
critical
9.8
2023-05-16 CVE-2023-2548 Authorization Bypass Through User-Controlled Key vulnerability in Metagauss Registrationmagic
The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5.
network
low complexity
metagauss CWE-639
7.2
2023-04-17 CVE-2023-0889 Unspecified vulnerability in Metagauss Themeflection Numbers
Themeflection Numbers WordPress plugin before 2.0.1 does not have authorisation and CSRF check in an AJAX action, and does not ensure that the options to be updated belong to the plugin.
network
low complexity
metagauss
6.5