Vulnerabilities in reputeinfosystems

36 results

CVE-2024-3022HIGHBookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.0.87 - Authenticated (Admin+) Arbitrary File UploadEPSS 1.6%CVE-2023-6219HIGHBookingPress <= 1.0.76 - Authenticated (Administrator+) Arbitrary File UploadEPSS 1.2%CVE-2024-7703MEDIUMARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup <= 4.0.37 - Authenticated (Subscriber+) Stored Cross-Site Scripting via SVG File UploadEPSS 1.1%CVE-2024-6467HIGHBookingPress Appointment Booking <= 1.1.5 - Authenticated (Subscriber+) Arbitrary File Read to Arbitrary File CreationEPSS 0.9%CVE-2024-49699HIGHWordPress ARPrice plugin <= 4.1.3 - PHP Object Injection vulnerabilityEPSS 0.8%CVE-2022-42888CRITICALWordPress ARMember Plugin <= 5.5.1 is vulnerable to Privilege EscalationEPSS 0.7%CVE-2024-7350CRITICALAppointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress 1.1.6 - 1.1.7 - Authentication Bypass to Account TakeoverEPSS 0.7%CVE-2024-6660HIGHBookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.1.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Arbitrary File UploadEPSS 0.6%CVE-2024-32703HIGHWordPress ARForms plugin <= 6.4 - Subscriber+ Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2024-10540MEDIUMAppointment Booking Calendar Plugin and Scheduling Plugin – BookingPress <= 1.1.16 - Authenticated (Subscriber+) SQL InjectionEPSS 0.6%CVE-2024-32706HIGHWordPress ARForms plugin <= 6.4 - Subscriber+ SQL Injection vulnerabilityEPSS 0.6%CVE-2024-54216HIGHWordPress ARForms plugin <= 6.4.1 - Subscriber+ Arbitrary File Read vulnerabilityEPSS 0.5%CVE-2024-4133MEDIUMARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup <= 4.0.30 - Open RedirectEPSS 0.5%CVE-2024-0969MEDIUMARMember <= 4.0.24 - Improper Access Control to Sensitive Information Exposure via REST APIEPSS 0.5%CVE-2024-11726MEDIUMAppointment Booking Calendar Plugin and Scheduling Plugin – BookingPress <= 1.1.21 - Authenticated (Contributor+) SQL InjectionEPSS 0.5%CVE-2023-3996MEDIUMARMember Lite - Membership Plugin <= 4.0.16 - Authenticated (Administrator+) Stored Cross-Site ScriptingEPSS 0.5%CVE-2024-49688CRITICALWordPress ARPrice plugin <= 4.1.3 - Unauthenticated PHP Object Injection vulnerabilityEPSS 0.4%CVE-2024-1945HIGHARForms Form Builder <= 1.6.4 - Missing Authorization to Authenticated(Subscriber+) Arbitrary Option DeletionEPSS 0.4%CVE-2024-54217MEDIUMWordPress ARForms plugin <= 6.4.1 - Subscriber+ Plugin Settings Change vulnerabilityEPSS 0.4%CVE-2024-32705HIGHWordPress ARForms plugin <= 6.4 - Subscriber+ Arbitrary Plugin Activation/Deactivation VulnerabilityEPSS 0.4%

← previouspage 1 / 2next →