Show filters
95 Total Results
Displaying 21-30 of 95
Sort by:
Attacker Value
Unknown
CVE-2024-31275
Disclosure Date: June 09, 2024 (last updated June 13, 2024)
Missing Authorization vulnerability in Metagauss EventPrime.This issue affects EventPrime: from n/a through 3.3.4.
0
Attacker Value
Unknown
CVE-2024-5453
Disclosure Date: June 05, 2024 (last updated June 12, 2024)
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pm_dismissible_notice and pm_wizard_update_group_icon functions in all versions up to, and including, 5.8.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary options to the value '1' or change group icons.
0
Attacker Value
Unknown
CVE-2023-51544
Disclosure Date: June 04, 2024 (last updated February 05, 2025)
Improper Control of Interaction Frequency vulnerability in Metagauss RegistrationMagic allows Functionality Misuse.This issue affects RegistrationMagic: from n/a through 5.2.5.0.
0
Attacker Value
Unknown
CVE-2023-51543
Disclosure Date: June 04, 2024 (last updated February 05, 2025)
Authentication Bypass by Spoofing vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through 5.2.5.0.
0
Attacker Value
Unknown
CVE-2024-32774
Disclosure Date: May 17, 2024 (last updated February 04, 2025)
Improper Restriction of Excessive Authentication Attempts vulnerability in Metagauss ProfileGrid allows Removing Important Client Functionality.This issue affects ProfileGrid : from n/a through 5.8.2.
0
Attacker Value
Unknown
CVE-2023-33321
Disclosure Date: May 17, 2024 (last updated February 04, 2025)
Missing Authorization vulnerability in Metagauss EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through 2.8.6.
0
Attacker Value
Unknown
CVE-2024-33947
Disclosure Date: May 03, 2024 (last updated February 04, 2025)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic allows Reflected XSS.This issue affects RegistrationMagic: from n/a through 5.3.2.0.
0
Attacker Value
Unknown
CVE-2024-3606
Disclosure Date: May 02, 2024 (last updated February 11, 2025)
The ProfileGrid – User Profiles, Memberships, Groups and Communities plugin for WordPress is vulnerable to unauthorized deletion of data due to a missing capability check on the pm_upload_cover_image function in all versions up to, and including, 5.8.3. This makes it possible for authenticated attackers, with subscriber access or higher, to delete attachments.
0
Attacker Value
Unknown
CVE-2023-23989
Disclosure Date: April 24, 2024 (last updated February 05, 2025)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic.This issue affects RegistrationMagic: from n/a through 5.1.9.2.
0
Attacker Value
Unknown
CVE-2024-32808
Disclosure Date: April 24, 2024 (last updated February 05, 2025)
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9.
0
