Vulnerabilities > Properfraction > Profilepress > 4.4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-30 | CVE-2023-44150 | Unspecified vulnerability in Properfraction Profilepress Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress.This issue affects Paid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress: from n/a through 4.13.2. | 7.5 |
| 2023-05-03 | CVE-2023-23830 | Unspecified vulnerability in Properfraction Profilepress Unauth. | 6.1 |
| 2023-05-03 | CVE-2023-23820 | Unspecified vulnerability in Properfraction Profilepress Auth. | 5.4 |
| 2023-04-06 | CVE-2023-23996 | Cross-site Scripting vulnerability in Properfraction Profilepress Auth. | 4.8 |
| 2023-03-29 | CVE-2022-47444 | Unspecified vulnerability in Properfraction Profilepress Unauth. | 6.1 |
| 2022-12-23 | CVE-2022-4697 | Unspecified vulnerability in Properfraction Profilepress The ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wp_user_cover_default_image_url’ parameter in versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping. | 4.8 |
| 2022-12-23 | CVE-2022-4698 | Unspecified vulnerability in Properfraction Profilepress The ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several form fields in versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping. | 4.8 |