The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2019-14755 | The profile photo upload feature in Leaf Admin 61.9.0212.10 f allows Unrestricted Upload of a File with a Dangerous Type. | MEDIUM | Aug 20, 2019 | n/a |
CVE-2014-10380 | The profile-builder plugin before 1.1.66 for WordPress has multiple XSS issues in forms. | MEDIUM | Aug 22, 2019 | n/a |
CVE-2015-9337 | The profile-builder plugin before 2.1.4 for WordPress has no access control for activating or deactivating addons via AJAX. | MEDIUM | Aug 26, 2019 | n/a |
CVE-2015-9328 | The profile-builder plugin before 2.2.5 for WordPress has XSS. | MEDIUM | Aug 22, 2019 | n/a |
CVE-2016-10911 | The profile-builder plugin before 2.4.2 for WordPress has multiple XSS issues. | MEDIUM | Aug 22, 2019 | n/a |
CVE-2023-3404 | The ProfileGrid plugin for WordPress is vulnerable to unauthorized decryption of private information in versions up to, and including, 5.5.0. This is due to the passphrase and iv being hardcoded in the \'pm_encrypt_decrypt_pass\' function and used across all sites running the plugin. This makes it possible for authenticated attackers, with administrator-level permissions or above to decrypt and view users\' passwords. If combined with another vulnerability, this can potentially grant lower-privileged users access to users\' passwords. | -- | Aug 31, 2023 | n/a |
CVE-2023-3714 | The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \'edit_group\' handler in versions up to, and including, 5.5.2. This makes it possible for authenticated attackers, with group ownership, to update group options, including the \'associate_role\' parameter, which defines the member\'s role. This issue was partially patched in version 5.5.2 preventing privilege escalation, however, it was fully patched in 5.5.3. | -- | Jul 18, 2023 | n/a |
CVE-2023-3403 | The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \'pm_upload_csv\' function in versions up to, and including, 5.5.1. This makes it possible for authenticated attackers, with subscriber-level permissions or above to import new users and update existing users. | -- | Jul 18, 2023 | n/a |
CVE-2023-3713 | The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \'profile_magic_check_smtp_connection\' function in versions up to, and including, 5.5.1. This makes it possible for authenticated attackers, with subscriber-level permissions or above to update the site options arbitrarily. This can be used by attackers to achieve privilege escalation. | -- | Jul 18, 2023 | n/a |
CVE-2022-3578 | The ProfileGrid WordPress plugin before 5.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting | -- | Nov 16, 2022 | n/a |
CVE-2023-0940 | The ProfileGrid WordPress plugin before 5.3.1 provides an AJAX endpoint for resetting a user password but does not implement proper authorization. This allows a user with low privileges, such as subscriber, to change the password of any account, including Administrator ones. | -- | Mar 24, 2023 | n/a |
CVE-2024-6410 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.8.9 via the \'pm_upload_image\' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change the profile picture of any user. | -- | Jul 11, 2024 | n/a |
CVE-2024-6411 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.8.9. This is due to a lack of validation on user-supplied data in the \'pm_upload_image\' AJAX action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update their user capabilities to Administrator. | -- | Jul 11, 2024 | n/a |
CVE-2024-5453 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pm_dismissible_notice and pm_wizard_update_group_icon functions in all versions up to, and including, 5.8.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary options to the value \'1\' or change group icons. | -- | Jun 5, 2024 | n/a |
CVE-2024-3606 | The ProfileGrid – User Profiles, Memberships, Groups and Communities plugin for WordPress is vulnerable to unauthorized deletion of data due to a missing capability check on the pm_upload_cover_image function in all versions up to, and including, 5.8.3. This makes it possible for authenticated attackers, with subscriber access or higher, to delete attachments. | -- | May 2, 2024 | n/a |
CVE-2022-0233 | The ProfileGrid – User Profiles, Memberships, Groups and Communities WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the pm_user_avatar and pm_cover_image parameters found in the ~/admin/class-profile-magic-admin.php file which allows attackers with authenticated user access, such as subscribers, to inject arbitrary web scripts into their profile, in versions up to and including 1.2.7. | LOW | Jan 18, 2022 | n/a |
CVE-2019-15873 | The profilegrid-user-profiles-groups-and-communities plugin before 2.8.6 for WordPress has remote code execution via an wp-admin/admin-ajax.php request with the action=pm_template_preview&html=<?php substring followed by PHP code. | MEDIUM | Sep 5, 2019 | n/a |
CVE-2018-13391 | The ProfileLinkUserFormat component of Jira Server before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3 and from version 7.11.0 before version 7.11.2 allows remote attackers who can access & view an issue to obtain the email address of the reporter and assignee user of an issue despite the configured email visibility setting being set to hidden. | MEDIUM | Aug 28, 2018 | n/a |
CVE-2022-4698 | The ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several form fields in versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. | -- | Dec 23, 2022 | n/a |
CVE-2024-2861 | The ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ProfilePress User Panel widget in all versions up to, and including, 4.15.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | -- | May 24, 2024 | n/a |
CVE-2022-4697 | The ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wp_user_cover_default_image_url’ parameter in versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. | -- | Dec 23, 2022 | n/a |
CVE-2022-46315 | The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. | -- | Dec 24, 2022 | n/a |
CVE-2022-25622 | The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments. | MEDIUM | Apr 12, 2022 | n/a |
CVE-2020-8945 | The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification. | HIGH | Feb 12, 2020 | n/a |
CVE-2018-11494 | The program extension upload feature in OpenCart through 3.0.2.0 has a six-step process (upload, install, unzip, move, xml, remove) that allows attackers to execute arbitrary code if the remove step is skipped, because the attacker can discover a secret temporary directory name (containing 10 random digits) via a directory traversal attack involving language_info['code']. | MEDIUM | May 26, 2018 | n/a |
CVE-2021-38396 | The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the software on the flash drive. An attacker could leverage this weakness to install unauthorized software using a specially crafted USB. | MEDIUM | Oct 4, 2021 | n/a |
CVE-2021-45916 | The programming function of Shockwall system has an improper input validation vulnerability. An authenticated attacker within the local area network can send malicious response to the server to disrupt the service partially. | LOW | Jan 3, 2022 | n/a |
CVE-2021-32978 | The programming protocol allows for a previously entered password and lock state to be read by an attacker. If the previously entered password was successful, the attacker can then use the password to unlock Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00. | MEDIUM | Apr 5, 2022 | n/a |
CVE-2024-4563 | The Progress MOVEit Automation configuration export function prior to 2024.0.0 uses a cryptographic method with insufficient bit length. | -- | May 23, 2024 | n/a |
CVE-2022-2171 | The Progressive License WordPress plugin through 1.1.0 is lacking any CSRF check when saving its settings, which could allow attackers to make a logged in admin change them. Furthermore, as the plugin allows arbitrary HTML to be inserted in one of the settings, this could lead to Stored XSS issue which will be triggered in the frontend as well. | -- | Aug 5, 2022 | n/a |
CVE-2015-5059 | The Project Documentation feature in MantisBT 1.2.19 and earlier, when the threshold to access files ($g_view_proj_doc_threshold) is set to ANYBODY, allows remote authenticated users to download attachments linked to arbitrary private projects via a file id number in the file_id parameter to file_download.php. | Low | Aug 7, 2017 | n/a |
CVE-2016-4867 | The Project function in Cybozu 9.0.0 through 10.4.0 allows remote authenticated users to read closed project information. | MEDIUM | Apr 20, 2017 | n/a |
CVE-2016-4873 | The Project function in Cybozu Office 9.0.0 through 10.4.0 does not properly check access permissions, which allows remote authenticated users to alter project information. | MEDIUM | Apr 20, 2017 | n/a |
CVE-2017-16670 | The project import functionality in SoapUI 5.3.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL project file. | MEDIUM | Feb 19, 2018 | n/a |
CVE-2021-22258 | The project import/export feature in GitLab 8.9 and greater could be used to obtain otherwise private email addresses | MEDIUM | Oct 9, 2021 | n/a |
CVE-2021-30245 | The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution. It is always best practice to be careful opening documents from unknown and unverified sources. The mitigation in Apache OpenOffice 4.1.10 (unreleased) assures that a security warning is displayed giving the user the option of continuing to open the hyperlink. | MEDIUM | Apr 16, 2021 | n/a |
CVE-2022-1585 | The Project Source Code Download WordPress plugin through 1.0.0 does not protect its backup generation and download functionalities, which may allow any visitors on the site to download the entire site, including sensitive files like wp-config.php. | -- | Aug 4, 2022 | n/a |
CVE-2022-31552 | The project-anuvaad/anuvaad-corpus repository through 2020-11-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | MEDIUM | Jul 15, 2022 | n/a |
CVE-2019-15539 | The proj_doc_edit_page.php Project Documentation feature in MantisBT before 2.21.3 has a stored cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code (if CSP settings permit it) after uploading an attachment with a crafted filename. The code is executed when editing the document\'s page. | MEDIUM | Mar 19, 2020 | n/a |
CVE-2017-18529 | The promobar plugin before 1.1.1 for WordPress has multiple XSS issues. | MEDIUM | Aug 22, 2019 | n/a |
CVE-2018-8934 | The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in firmware, aka CHIMERA-FW. | HIGH | Mar 22, 2018 | n/a |
CVE-2018-8935 | The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in the ASIC, aka CHIMERA-HW. | HIGH | Mar 22, 2018 | n/a |
CVE-2018-19113 | The Pronestor PNHM (aka Health Monitoring or HealthMonitor) add-in before 8.1.13.0 for Outlook has \"BUILTIN\\Users:(I)(F)\" permissions for the \"%PROGRAMFILES(X86)%\\proNestor\\Outlook add-in for Pronestor\\PronestorHealthMonitor.exe\" file, which allows local users to gain privileges via a Trojan horse PronestorHealthMonitor.exe file. | MEDIUM | Apr 3, 2019 | n/a |
CVE-2021-42764 | The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (delayed consensus decisions), and also increase the profits of individual validators, via short-range reorganizations of the underlying consensus chain. | MEDIUM | Oct 21, 2021 | n/a |
CVE-2021-42766 | The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (long-range consensus chain reorganizations), even when this adversary has little stake and cannot influence network message propagation. This can cause a protocol stall, or an increase in the profits of individual validators. | MEDIUM | Oct 21, 2021 | n/a |
CVE-2021-42765 | The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to leverage network delay to cause a denial of service (indefinite stalling of consensus decisions). | MEDIUM | Oct 21, 2021 | n/a |
CVE-2024-0862 | The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains a Server-Side Request Forgery vulnerability that allows an authenticated user to relay HTTP requests from the Protection server to otherwise private network addresses. | -- | May 14, 2024 | n/a |
CVE-2024-3676 | The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains an Improper Input Validation vulnerability that allows an unauthenticated remote attacker with a specially crafted HTTP request to create additional Encryption user accounts under the attacker\'s control. These accounts are able to send spoofed email to any users within the domains configured by the Administrator. | -- | May 14, 2024 | n/a |
CVE-2021-27899 | The Proofpoint Insider Threat Management Agents (formerly ObserveIT Agent) for MacOS and Linux perform improper validation of the ITM Server\'s certificate, which enables a remote attacker to intercept and alter these communications using a man-in-the-middle attack. All versions before 7.11.1 are affected. Agents for Windows and Cloud are not affected. | MEDIUM | Apr 7, 2021 | n/a |
CVE-2020-10658 | The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server\'s WriteImage API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. | HIGH | Jan 8, 2021 | n/a |