VYPR

Profilepress

by Properfraction

CVEs (22)

  • CVE-2024-11083Nov 27, 2024
    risk 0.00cvss epss 0.00

    The ProfilePress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.15.18 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been…

  • CVE-2024-9947Oct 23, 2024
    risk 0.00cvss epss 0.01

    The ProfilePress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 4.11.1. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to…

Page 2 of 2