properfraction
Web & CMS Pluginscommercial
Latest CVEs
The 15 most recently published vulnerabilities affecting properfraction.
- CVE-2026-41556WordPress ProfilePress plugin <= 4.16.13 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2026-4949ProfilePress <= 4.16.12 - Missing Authorization to Authenticated (Subscriber+) Inactive Membership Plan Subscription4.3
- CVE-2026-3309Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.16.11 - Unauthenticated Arbitrary Shortcode Execution via Checkout Billing Fields6.5
- CVE-2026-3445Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.16.11 - Missing Authorization to Authenticated (Subscriber+) Membership Payment Bypass7.1
- CVE-2026-3453ProfilePress <= 4.16.11 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Subscription Cancellation/Expiration8.1
- CVE-2025-13642ProfilePress <= 4.16.7 - Authenticated (Subscriber+) Arbitrary Shortcode Execution5.4
- CVE-2025-58596WordPress MailOptin Plugin <= 1.2.75.0 - Cross Site Scripting (XSS) Vulnerability5.9
- CVE-2025-8878Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.16.4 - Unauthenticated Arbitrary Shortcode Execution6.5
- CVE-2024-13121Paid Membership Plugin < 4.15.20 - Admin+ Stored XSS3.5
- CVE-2024-13120ProfilePress < 4.15.20 - Admin+ Stored XSS4.8
- CVE-2024-13119ProfilePress < 4.15.20 - Admin+ Stored XSS4.8
- CVE-2024-11977kk Star Ratings – Rate Post & Collect User Feedbacks <= 5.4.10 - Unauthenticated Arbitrary Shortcode Execution7.3
- CVE-2024-12309Rate My Post – Star Rating Plugin by FeedbackWP <= 4.2.4 - Unauthenticated Voting On Scheduled Posts5.3
- CVE-2024-10518ProfilePress < 4.15.15 - Admin+ Stored XSS4.8
- CVE-2024-10517ProfilePress < 4.15.15 - Admin+ Stored XSS4.8