Vulnerabilities > Metagauss

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-31	CVE-2023-5519	Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Eventprime The EventPrime WordPress plugin before 3.2.0 does not have CSRF checks when creating bookings, which could allow attackers to make logged in users create unwanted bookings via CSRF attacks. network low complexity metagauss CWE-352	4.3
2023-10-25	CVE-2023-45637	Unspecified vulnerability in Metagauss Eventprime Unauth. network low complexity metagauss	6.1
2023-07-18	CVE-2023-3403	Unspecified vulnerability in Metagauss Profilegrid The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'pm_upload_csv' function in versions up to, and including, 5.5.1. network low complexity metagauss	4.3
2023-07-18	CVE-2023-3714	Unspecified vulnerability in Metagauss Profilegrid The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'edit_group' handler in versions up to, and including, 5.5.2. network low complexity metagauss	8.8
2023-07-17	CVE-2022-38062	Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Download Theme Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Download Theme plugin <= 1.0.9 versions. network low complexity metagauss CWE-352	8.8
2023-06-20	CVE-2023-35884	Unspecified vulnerability in Metagauss Eventprime Unauth. network low complexity metagauss	6.1
2023-05-28	CVE-2022-36345	Unspecified vulnerability in Metagauss Download Plugin Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Download Plugin <= 2.0.4 versions. network low complexity metagauss	8.8
2023-05-28	CVE-2023-33326	Unspecified vulnerability in Metagauss Eventprime Unauth. network low complexity metagauss	6.1
2023-05-16	CVE-2023-2499	Improper Authentication vulnerability in Metagauss Registrationmagic The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.2.1.0. network low complexity metagauss CWE-287 critical	9.8
2023-05-16	CVE-2023-2548	Authorization Bypass Through User-Controlled Key vulnerability in Metagauss Registrationmagic The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. network low complexity metagauss CWE-639	7.2

Vulnerabilities > Metagauss {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Metagauss"}]}

Vulnerabilities > Metagauss