Vulnerabilities > Wpindeed

DATE	CVE	VULNERABILITY TITLE	RISK
2025-02-21	CVE-2024-13846	SQL Injection vulnerability in Wpindeed Ultimate Learning PRO The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘post_id’ parameter in all versions up to, and including, 3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. network low complexity wpindeed CWE-89	4.9
2024-08-19	CVE-2024-43242	Deserialization of Untrusted Data vulnerability in Wpindeed Ultimate Membership PRO Deserialization of Untrusted Data vulnerability in azzaroco Ultimate Membership Pro allows Object Injection.This issue affects Ultimate Membership Pro: from n/a through 12.6. network low complexity wpindeed CWE-502 critical	10.0
2024-08-19	CVE-2024-43240	Unspecified vulnerability in Wpindeed Ultimate Membership PRO Improper Privilege Management vulnerability in azzaroco Ultimate Membership Pro allows Privilege Escalation.This issue affects Ultimate Membership Pro: from n/a through 12.6. network low complexity wpindeed critical	9.8
2023-11-13	CVE-2023-26516	Unspecified vulnerability in Wpindeed Debug Assistant Cross-Site Request Forgery (CSRF) vulnerability in WPIndeed Debug Assistant plugin <= 1.4 versions. network low complexity wpindeed	8.8
2023-06-16	CVE-2023-26527	Unspecified vulnerability in Wpindeed Debug Assistant Auth. network low complexity wpindeed	4.8

Vulnerabilities > Wpindeed {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Wpindeed"}]}