Vulnerabilities in wpeverest

50 results

CVE-2025-39400HIGHWordPress User Registration plugin < 4.2.0 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-3282MEDIUMUser Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.1.3 - Insecure Direct Object Reference to Unauthenticated Membership ModificationEPSS 0.2%CVE-2026-22422MEDIUMWordPress Everest Forms plugin <= 3.4.1 - Arbitrary Shortcode Execution vulnerabilityEPSS 0.2%CVE-2026-2356MEDIUMUser Registration & Membership <= 5.1.2 - Insecure Direct Object Reference to Unauthenticated Limited User DeletionEPSS 0.2%CVE-2026-4056MEDIUMUser Registration & Membership <= 5.1.4 - Missing Authorization to Authenticated (Contributor+) Content Access Rule ManipulationEPSS 0.2%CVE-2026-24353MEDIUMWordPress User Registration plugin <= 4.4.9 - Arbitrary Shortcode Execution vulnerabilityEPSS 0.2%CVE-2026-42652HIGHWordPress User Registration plugin <= 5.1.5 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2026-27070HIGHWordPress Everest Forms Pro plugin <= 1.9.10 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-3284MEDIUMUser Registration & Membership PRO – Custom Registration Form, Login Form, and User Profile <= 5.1.3 - Cross-Site Request Forgery to User DeletionEPSS 0.1%CVE-2025-14976MEDIUMUser Registration & Membership <= 4.4.8 - Cross-Site Request Forgery to Arbitrary Post DeletionEPSS 0.1%

← previouspage 3 / 3next →