Vulnerabilities > Reputeinfosystems
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-05 | CVE-2024-0969 | Unspecified vulnerability in Reputeinfosystems Armember The ARMember plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.21 via the REST API. | 5.3 |
| 2024-01-11 | CVE-2023-6828 | Cross-site Scripting vulnerability in Reputeinfosystems Arforms Form Builder The Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ arf_http_referrer_url’ parameter in all versions up to, and including, 1.5.8 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-01-08 | CVE-2023-52200 | Deserialization of Untrusted Data vulnerability in Reputeinfosystems Armember Cross-Site Request Forgery (CSRF), Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup.This issue affects ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup: n/a. | 9.8 |
| 2023-12-28 | CVE-2023-50841 | SQL Injection vulnerability in Reputeinfosystems Bookingpress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.72. | 8.8 |
| 2023-11-30 | CVE-2023-36507 | Unspecified vulnerability in Reputeinfosystems Bookingpress Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.64. | 5.3 |
| 2023-11-28 | CVE-2023-6219 | Unrestricted Upload of File with Dangerous Type vulnerability in Reputeinfosystems Bookingpress The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpress_process_upload' function in versions up to, and including, 1.0.76. | 7.2 |
| 2023-11-03 | CVE-2022-46808 | SQL Injection vulnerability in Reputeinfosystems Armember Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Repute Infosystems ARMember armember-membership allows SQL Injection.This issue affects ARMember: from n/a through 3.4.11. | 9.8 |
| 2023-06-22 | CVE-2023-33323 | Cross-site Scripting vulnerability in Reputeinfosystems Armember Auth. | 4.8 |
| 2023-06-12 | CVE-2022-47140 | Cross-site Scripting vulnerability in Reputeinfosystems Armember Unauth. | 6.1 |
| 2023-04-18 | CVE-2022-45838 | Cross-site Scripting vulnerability in Reputeinfosystems Arforms Form Builder Unauth. | 6.1 |