Vulnerabilities > Properfraction

DATE CVE VULNERABILITY TITLE RISK
2024-10-23 CVE-2024-9947 Improper Authentication vulnerability in Properfraction Profilepress
The ProfilePress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 4.11.1.
network
low complexity
properfraction CWE-287
critical
 9.8
9.8
2024-03-13 CVE-2024-1535 Cross-site Scripting vulnerability in Properfraction Profilepress
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 4.15.2 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
properfraction CWE-79
5.4
5.4
2024-02-29 CVE-2024-1408 Cross-site Scripting vulnerability in Properfraction Profilepress
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's edit-profile-text-box shortcode in all versions up to, and including, 4.14.4 due to insufficient input sanitization and output escaping on user supplied attributes such as 'type'.
network
low complexity
properfraction CWE-79
5.4
5.4
2024-02-29 CVE-2024-1519 Cross-site Scripting vulnerability in Properfraction Profilepress
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name' parameter in all versions up to, and including, 4.14.4 due to insufficient input sanitization and output escaping.
network
low complexity
properfraction CWE-79
6.1
6.1
2024-02-29 CVE-2024-1570 Cross-site Scripting vulnerability in Properfraction Profilepress
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's login-password shortcode in all versions up to, and including, 4.14.4 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
properfraction CWE-79
5.4
5.4
2024-02-05 CVE-2024-1046 Cross-site Scripting vulnerability in Properfraction Profilepress
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin 'reg-number-field' shortcode in all versions up to, and including, 4.14.3 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
properfraction CWE-79
5.4
5.4
2024-01-19 CVE-2022-45083 Unspecified vulnerability in Properfraction Profilepress
Deserialization of Untrusted Data vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress.This issue affects Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress: from n/a through 4.3.2.
network
low complexity
properfraction
7.2
7.2
2023-11-30 CVE-2023-44150 Unspecified vulnerability in Properfraction Profilepress
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress.This issue affects Paid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress: from n/a through 4.13.2.
network
low complexity
properfraction
7.5
7.5
2023-11-06 CVE-2023-47184 Unspecified vulnerability in Properfraction Admin BAR & Dashboard Access Control
Auth.
network
low complexity
properfraction
4.8
4.8
2023-05-03 CVE-2023-23830 Unspecified vulnerability in Properfraction Profilepress
Unauth.
network
low complexity
properfraction
6.1
6.1