Vulnerabilidades en metagauss
106 resultadosCVE-2024-30491HIGHWordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.8 - SQL Injection vulnerabilityEPSS 32.0%CVE-2024-30490CRITICALWordPress ProfileGrid plugin <= 5.7.8 - SQL Injection vulnerabilityEPSS 2.3%CVE-2024-10508CRITICALRegistrationMagic – User Registration Plugin with Custom Registration Forms <= 6.0.2.6 - Unauthenticated Privilege Escalation via Password RecoveryEPSS 1.5%CVE-2023-2499CRITICALRegistrationMagic <= 5.2.1.0 - Authentication BypassEPSS 1.3%CVE-2025-6586HIGHDownload Plugin <= 2.2.8 - Authenticated (Administrator+) Arbitrary File UploadEPSS 1.1%CVE-2024-1991HIGHRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.0.0 - Authenticated (Subscriber+) Privilege EscalationEPSS 0.9%CVE-2024-30241HIGHWordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.1 - Contributor+ SQL Injection vulnerabilityEPSS 0.9%CVE-2024-1990HIGHRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.1.0 - Authenticated (Contributor+) SQL Injection via ShortcodeEPSS 0.8%CVE-2024-6411HIGHProfileGrid – User Profiles, Groups and Communities <= 5.8.9 - Authenticated (Subscriber+) Authorization Bypass to Privilege EscalationEPSS 0.8%CVE-2023-2548MEDIUMRegistrationMagic <= 5.2.0.5 - Authenticated (Admin+) Insecure Direct Object Reference to Arbitrary User Password ChangeEPSS 0.7%CVE-2023-3714HIGHProfileGrid <= 5.5.2 - Missing Authorization to Arbitrary Group Option Modification and Privilege EscalationEPSS 0.7%CVE-2017-20208CRITICALRegistrationMagic - Custom Registration Forms <= 3.7.9.2 - PHP Object InjectionEPSS 0.6%CVE-2025-26999HIGHWordPress ProfileGrid Plugin <= 5.9.4.3 - PHP Object Injection vulnerabilityEPSS 0.6%CVE-2023-3713HIGHProfileGrid <= 5.5.1 - Authenticated (Subscriber+) Arbitrary Option UpdateEPSS 0.6%CVE-2025-0724HIGHProfileGrid – User Profiles, Groups and Communities <= 5.9.4.5 - Authenticated (Subscriber+) PHP Object InjectionEPSS 0.6%CVE-2023-3404MEDIUMProfileGrid <= 5.5.0 - Hardcoded Encryption KeyEPSS 0.6%CVE-2023-49831HIGHWordPress RegistrationMagic plugin <= 5.2.3.0 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-1127MEDIUMEventPrime – Events Calendar, Bookings and Tickets <= 3.4.1 - Missing Authorization to Authenticated (Subscriber+) Event ExportEPSS 0.5%CVE-2023-33321MEDIUMWordPress EventPrime plugin <= 2.8.6 - Sensitive Data ExposureEPSS 0.5%CVE-2026-24378CRITICALWordPress EventPrime plugin <= 4.2.8.0 - PHP Object Injection vulnerabilityEPSS 0.5%