Vulnerabilidades em properfraction
27 resultadosCVE-2022-4697MEDIUMProfilePress <= 4.5.0 - Authenticated (Administrator+) Stored Cross-Site ScriptingEPSS 0.7%CVE-2024-11977HIGHkk Star Ratings – Rate Post & Collect User Feedbacks <= 5.4.10 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.6%CVE-2022-4698MEDIUMProfilePress <= 4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Form SettingsEPSS 0.6%CVE-2024-1408MEDIUMProfilePress <= 4.14.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via [edit-profile-text-box] shortcodeEPSS 0.6%CVE-2024-1535MEDIUMProfilePress <= 4.15.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.6%CVE-2024-1519MEDIUMPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.14.4 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.6%CVE-2024-1806MEDIUMProfilePress <= 4.15.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via profilepress-edit-profile ShortcodeEPSS 0.6%CVE-2024-1570MEDIUMProfilePress <= 4.14.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.5%CVE-2023-50882MEDIUMWordPress ProfilePress plugin <= 4.13.2 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-1409MEDIUMPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via [reg-select-role] ShortcodeEPSS 0.4%CVE-2024-3210MEDIUMPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'reg-single-checkbox'EPSS 0.4%CVE-2022-4974MEDIUMFreemius SDK <= 2.4.2 - Missing Authorization ChecksEPSS 0.4%CVE-2025-8878MEDIUMPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.16.4 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.4%CVE-2026-3309MEDIUMPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.16.11 - Unauthenticated Arbitrary Shortcode Execution via Checkout Billing FieldsEPSS 0.4%CVE-2025-13642MEDIUMProfilePress <= 4.16.7 - Authenticated (Subscriber+) Arbitrary Shortcode ExecutionEPSS 0.4%CVE-2024-11083MEDIUMProfilePress <= 4.15.18 - Unauthenticated Content Restriction Bypass to Sensitive Information ExposureEPSS 0.4%CVE-2026-3453HIGHProfilePress <= 4.16.11 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Subscription Cancellation/ExpirationEPSS 0.4%CVE-2024-2867MEDIUMPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.4 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-1046MEDIUMPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.14.3 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2026-4949MEDIUMProfilePress <= 4.16.12 - Missing Authorization to Authenticated (Subscriber+) Inactive Membership Plan SubscriptionEPSS 0.3%