Known Vulnerabilities for products from Profilepress
Listed below are 12 of the newest known vulnerabilities associated with the vendor "Profilepress".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-4949 json | Not Provided | 2026-04-15 | 2026-04-16 | |
| CVE-2026-3453 json | Not Provided | 2026-03-11 | 2026-04-08 | |
| CVE-2026-3445 json | Not Provided | 2026-04-04 | 2026-04-08 | |
| CVE-2026-3309 json | Not Provided | 2026-04-04 | 2026-04-08 | |
| CVE-2024-3210 json | Not Provided | 2024-04-10 | 2026-04-08 | |
| CVE-2024-2867 json | Not Provided | 2024-05-02 | 2026-04-08 | |
| CVE-2024-2861 json | Not Provided | 2024-05-23 | 2026-04-08 | |
| CVE-2024-1806 json | Not Provided | 2024-03-13 | 2026-04-08 | |
| CVE-2024-1570 json | Not Provided | 2024-02-29 | 2026-04-08 | |
| CVE-2024-1535 json | Not Provided | 2024-03-13 | 2026-04-08 | |
| CVE-2023-23830 json | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team ProfilePress plugin <= 4.5.4 vers... | 6.1 - MEDIUM | 2023-05-03 | 2023-05-27 |
| CVE-2021-34624 json | A vulnerability in the file uploader component found in the ~/src/Classes/FileUploader.php file of the ProfilePress WordPress... | 9.8 - CRITICAL | 2021-07-07 | 2023-05-26 |
| CVE-2021-34623 json | A vulnerability in the image uploader component found in the ~/src/Classes/ImageUploader.php file of the ProfilePress WordPre... | 9.8 - CRITICAL | 2021-07-07 | 2023-05-26 |
| CVE-2021-34622 json | A vulnerability in the user profile update component found in the ~/src/Classes/EditUserProfile.php file of the ProfilePress ... | 8.8 - HIGH | 2021-07-07 | 2023-05-26 |
| CVE-2021-34621 json | A vulnerability in the user registration component found in the ~/src/Classes/RegistrationAuth.php file of the ProfilePress W... | 9.8 - CRITICAL | 2021-07-07 | 2023-05-26 |
| CVE-2021-24955 json | The User Registration, Login Form, User Profile & Membership WordPress plugin before 3.2.3 does not escape the data parameter... | 6.1 - MEDIUM | 2021-12-13 | 2021-12-17 |
| CVE-2021-24954 json | The User Registration, Login Form, User Profile & Membership WordPress plugin before 3.2.3 does not sanitise and escape the p... | 6.1 - MEDIUM | 2021-12-13 | 2021-12-16 |
| CVE-2021-24939 json | The LoginWP (Formerly Peter's Login Redirect) WordPress plugin before 3.0.0.5 does not sanitise and escape the rul_login_url ... | 6.1 - MEDIUM | 2021-12-06 | 2021-12-06 |
| CVE-2021-24522 json | The User Registration, User Profile, Login & Membership – ProfilePress (Formerly WP User Avatar) WordPress plugin before 3.... | 6.1 - MEDIUM | 2021-08-09 | 2023-05-26 |
| CVE-2021-24450 json | The User Registration, User Profiles, Login & Membership – ProfilePress (Formerly WP User Avatar) WordPress plugin before 3... | 4.8 - MEDIUM | 2021-08-02 | 2023-11-07 |