Latest high severity vulnerabilities for vendor "metagauss"

Metagauss EventprimeEventPrime – Events Calendar, Bookings and Tickets <= 4.0.5.3 - Unauthenticated Stored Cross-Site Scripting via Ticket Category and Ticket Type Name

high

7.2

First published (updated )

CVE-2024-12024

Metagauss ProfilegridProfileGrid – User Profiles, Groups and Communities <= 5.9.3.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Meta Deletion

high

8.1

First published (updated )

CVE-2024-10900

Metagauss RegistrationmagicWordPress RegistrationMagic Plugin <= 5.2.4.1 is vulnerable to Cross Site Scripting (XSS)

high

7.1

EPSS

0.05%

First published (updated )

CVE-2023-51509

Metagauss ProfilegridWordPress ProfileGrid Plugin <= 5.0.3 is vulnerable to Broken Access Control

high

8.8

First published (updated )

CVE-2022-36352

Metagauss RegistrationmagicWordPress RegistrationMagic Plugin <= 5.2.4.5 is vulnerable to SQL Injection

high

7.6

First published (updated )

CVE-2023-50846

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Metagauss RegistrationmagicWordPress RegistrationMagic Plugin <= 5.2.2.6 is vulnerable to Cross Site Request Forgery (CSRF)

high

8.8

First published (updated )

CVE-2023-47645

Metagauss ProfilegridWordPress ProfileGrid Plugin <= 5.6.6 is vulnerable to Cross Site Request Forgery (CSRF)

high

8.8

First published (updated )

CVE-2023-47644

Metagauss EventprimeWordPress EventPrime Plugin <= 3.1.5 is vulnerable to Cross Site Scripting (XSS)

high

7.1

First published (updated )

CVE-2023-45637

Metagauss ProfilegridThe ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a mis…

high

8.8

First published (updated )

CVE-2023-3713

Metagauss ProfilegridThe ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a mis…

high

8.8

First published (updated )

CVE-2023-3714

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Metagauss Download ThemeWordPress Download Theme Plugin <= 1.0.9 is vulnerable to Cross Site Request Forgery (CSRF)

high

8.8

First published (updated )

CVE-2022-38062

Metagauss EventprimeWordPress EventPrime Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)

high

7.1

First published (updated )

CVE-2023-35884

Metagauss Download PluginWordPress Download Plugin Plugin <= 2.0.4 is vulnerable to Cross Site Request Forgery (CSRF)

high

8.8

First published (updated )

CVE-2022-36345

Metagauss EventprimeWordPress EventPrime Plugin <= 2.8.6 is vulnerable to Cross Site Scripting (XSS)

high

7.1

First published (updated )

CVE-2023-33326

Metagauss RegistrationmagicThe RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in ver…

high

7.2

First published (updated )

CVE-2023-2548

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Metagauss ProfilegridProfileGrid < 5.3.1 - Subscriber+ Arbitrary Password Reset

high

8.8

First published (updated )

CVE-2023-0940

Metagauss RegistrationmagicWordPress RegistrationMagic Plugin <= 5.1.9.2 is vulnerable to Cross Site Request Forgery (CSRF)

high

8.8

First published (updated )

CVE-2023-25991

Metagauss ProfilegridWordPress ProfileGrid plugin <= 5.1.6 - Auth. CSV Injection vulnerability

high

8.8

First published (updated )

CVE-2022-41791

Metagauss RegistrationmagicRegistrationMagic < 5.0.2.2 - Admin+ SQL Injection

high

7.2

First published (updated )

CVE-2022-0420

Metagauss RegistrationmagicRegistrationMagic < 5.0.1.6 - Admin+ SQL Injection

high

7.2

First published (updated )

CVE-2021-24862

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Metagauss RegistrationmagicSQL Injection

high

8.1

First published (updated )

CVE-2020-8435

Metagauss RegistrationmagicIn the RegistrationMagic plugin through 4.6.0.3 for WordPress, the export function allows remote aut…

high

8.8

First published (updated )

CVE-2020-9458

Metagauss RegistrationmagicThe RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users (with m…

high

8.8

First published (updated )

CVE-2020-9457

Metagauss RegistrationmagicIn the RegistrationMagic plugin through 4.6.0.3 for WordPress, the user controller allows remote aut…

high

8.8

First published (updated )

CVE-2020-9456

Metagauss RegistrationmagicCSRF

high

8.8

First published (updated )

CVE-2020-9454

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Metagauss ProfilegridCode Injection

high

8.8

First published (updated )

CVE-2019-15873

Software

Metagauss EventprimeEventPrime – Events Calendar, Bookings and Tickets <= 4.0.5.3 - Unauthenticated Stored Cross-Site Scripting via Ticket Category and Ticket Type Name

Metagauss ProfilegridProfileGrid – User Profiles, Groups and Communities <= 5.9.3.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Meta Deletion

Metagauss RegistrationmagicWordPress RegistrationMagic Plugin <= 5.2.4.1 is vulnerable to Cross Site Scripting (XSS)

Metagauss ProfilegridWordPress ProfileGrid Plugin <= 5.0.3 is vulnerable to Broken Access Control

Metagauss RegistrationmagicWordPress RegistrationMagic Plugin <= 5.2.4.5 is vulnerable to SQL Injection

Never miss a vulnerability like this again

Metagauss RegistrationmagicWordPress RegistrationMagic Plugin <= 5.2.2.6 is vulnerable to Cross Site Request Forgery (CSRF)

Metagauss ProfilegridWordPress ProfileGrid Plugin <= 5.6.6 is vulnerable to Cross Site Request Forgery (CSRF)

Metagauss EventprimeWordPress EventPrime Plugin <= 3.1.5 is vulnerable to Cross Site Scripting (XSS)

Metagauss ProfilegridThe ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a mis…

Metagauss ProfilegridThe ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a mis…

Never miss a vulnerability like this again

Metagauss Download ThemeWordPress Download Theme Plugin <= 1.0.9 is vulnerable to Cross Site Request Forgery (CSRF)

Metagauss EventprimeWordPress EventPrime Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)

Metagauss Download PluginWordPress Download Plugin Plugin <= 2.0.4 is vulnerable to Cross Site Request Forgery (CSRF)

Metagauss EventprimeWordPress EventPrime Plugin <= 2.8.6 is vulnerable to Cross Site Scripting (XSS)

Metagauss RegistrationmagicThe RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in ver…

Never miss a vulnerability like this again

Metagauss ProfilegridProfileGrid < 5.3.1 - Subscriber+ Arbitrary Password Reset

Metagauss RegistrationmagicWordPress RegistrationMagic Plugin <= 5.1.9.2 is vulnerable to Cross Site Request Forgery (CSRF)

Metagauss ProfilegridWordPress ProfileGrid plugin <= 5.1.6 - Auth. CSV Injection vulnerability

Metagauss RegistrationmagicRegistrationMagic < 5.0.2.2 - Admin+ SQL Injection

Metagauss RegistrationmagicRegistrationMagic < 5.0.1.6 - Admin+ SQL Injection

Never miss a vulnerability like this again

Metagauss RegistrationmagicSQL Injection

Metagauss RegistrationmagicIn the RegistrationMagic plugin through 4.6.0.3 for WordPress, the export function allows remote aut…

Metagauss RegistrationmagicThe RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users (with m…

Metagauss RegistrationmagicIn the RegistrationMagic plugin through 4.6.0.3 for WordPress, the user controller allows remote aut…

Metagauss RegistrationmagicCSRF

Never miss a vulnerability like this again

Metagauss ProfilegridCode Injection

Company

Resources

Contact